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CHAPTER 1. INTRODUCTION 


Cryptography is almost as old as civilization. The human desire 
for privacy when communicating leads inevitably to cryptography. 
Webster's Dictionary describes cryptography as: "the art or 
practice of preparing messages in a form intended to prevent 
their being read by those not privy to secrets of the form; also: 
the science of devising methods and means for this". The word 
cryptography combines the Greek "kryptos" (secret) and "graphos" 
(writing). 


The Spartans established one of the first military cryptographic 
systems in the fifth century B.C. They developed a simple tool 
consisting of a strip of parchment wrapped around a staff of 
wood. The original message was written on the parchment down the 
length of the staff. Once unwrapped, the message becomes 
unreadable and can be transferred by messenger to the receiver, 
who decrypts the message by rewrapping it around a staff of the 
Same thickness. The Spartans used it to transfer secret 
information during the Persian Wars. 


There are two basic kinds of encrypting or ciphering methods: 
transposition and substitution. Data ciphering by transposition 
takes the characters of the original message (the plain text) and 
scrambles them to form the encrypted message (the cipher text). 
The scrambling changes the position of characters in the text 
only and not the characters themselves. "CIPHER" written as 
"HCERPI" is an example of transposition ciphering. 


The substitution method replaces each character of the original 
text by another character, number or special symbol. Julius 
Caesar desiqned a cryptographic algorithm where the characters 
were shifted a fixed number of positions; for a shift of three 
positions,an "a" becomes a "d" and a "b" becomes an "“e". His name 
is substituted as "Mxolxv Fdhvdu". He employed this algorithm to 
protect an exchange of letters with Cicero during the Gallic 
Wars. 


The fundamental weakness of Caesar's algorithm is that it always 
encrypts the same letter in the same manner. Codebreaking 
techniques introduced in the second half of the nineteenth 
century take advantage of the fact that each language has its own 
character frequency spectrum. The most common letter in the 
English language is the "“e"; the most frequently recurring double 
letters are "th". Spectrum analysis can easily break Caesar's 
code. 


More sophisticated algorithms developed in the Renaissance 
eliminated the weakness of Caesar's code. The encrypted character 
becomes a function of the original character and its position in 


the text. The same character in two different text locations is 
replaced by different encrypted characters. 
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German intelligence in World War I employed a code where a list 
of words organized in a dictionary were linked to a set of 
numbers. The linkage was not organized in numerical or 
alphabetical order; it was a giant substitution. In January 1917, 
the German Foreign Minister, A. Zimmermann, sent a top-secret 
encrypted telegram to his ambassador in Washington. The British 
Post Office intercepted this wireless telegram and sent it to the 
codebreaking branch of British Naval Intelligence. The decoding 
of the "Zimmermann telegram" was probably the most important 
single codebreaking task in intelligence history. It caused the 
United States to join the war. 


Until the early Sixties, most cryptographic equipment was based 
on complicated machines consisting of many mechanical disks and 
gears. Today, the use of electronic devices increased the 
capabilities of cryptography. The algorithms are now more 
sophisticated; but, on the other hand, cryptoanalysts are also 
able to break more sophisticated codes using computers. 


The extensive use of data communication over radio or telephone 
lines makes it easy for someone to listen to masses of sensitive 
information without being detected. Great quantities of 
confidential data, stored on disks or transmitted over various 
communication links, need protection from unauthorized access. 
Using any home computer with a modem, an outsider can dial many 
phone numbers automatically to find a connection where a computer 
system answers. By trying random passwords he might then gain 
access to the system, but this access would be worthless if the 
sensitive data were stored in encrypted form. 


A U.S. government department, the National Bureau of Standards, 
developed an algorithm designed to protect sensitive computer 
data. Advanced Micro Devices implemented this algorithm into 
Silicon. The result, the Data Ciphering Processor (DCP), isa 
one-chip 4@-pin LSI device, best suited for use in high-speed 
electronic data ciphering systems and certified by the National 
Bureau of Standards. The two major application areas of this 
device are: 


- to protect mass data storage (files on tape or disk), 


- to protect data communication links to keep the 
transferred information private (voice encryption, home 
banking, bank tellers, satellite communication). 


This handbook is organized into three parts. First, it gives the 
reader an overview about data ciphering in general and the DES 
algorithm supported by the DCP in particular. Differences between 
two cryptography systems, the public and the private key system, 
are discussed. Further, it outlines the differences between the 
three members of the AMD DCP family. 
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Chapter 3 provides a detailed description of all features and 
functions of the DCP. It introduces the reader to the internal 
structure of the DCP and explains the data ciphering instruction 
set. Timing information can be found in Appendix E. Detailed 
program flowcharts show the operation of the DCP in the different 
modes. 


Chapter 4 addresses the system designer, providing hints and 
ideas for designing the DCP into a specific system environment. 
It shows interfaces to most 8-bit and 16-bit microprocessors. 
Chapter 4.11 shows what is probably the simplest data ciphering 
system. It consists of a microcomputer and a DCP built in a 
"black box". This box provides data ciphering inserted in a 
serial communication line, for example between a terminal and a 
modem. Chapter 4.12 shows an application of the DCP in high- 
speed, serial data-communication environments such as Ethernet. 


Chapter 2 
CHAPTER 2. DATA CIPHERING 


The data ciphering algorithm supported by the DCP was tested and 
accepted by the US government. The technique works by passing 
original data through a circuit whose output is a complex, non- 
linear function of the data and a user-supplied, 56-bit key, 
involving XORing, substitution, block swapping, and key subset 
selection. The resultant encoded data is called "cipher text". 


It is virtually impossible to regenerate the original data 
without knowing the key. The DES specifies that the algorithm be 
implemented in hardware rather than software for maximum 
security. The DCP can execute both encryption and decryption. 
The device can hold three different keys: one for encryption, one 
to decrypt a received encoded message and a third one called 
Master Key to generate session keys or to transfer keys over the 
line. Refer to Chapter 3.2 (Master Key Register) for more 
information about the usage of the Master Key. Each key is 
entered into the DCP as a series of eight bytes, each byte 
consisting of seven key bits and one parity bit. The chip checks 
the parity on each byte of the key as entered. To enhance system 
security, the keys cannot be read back. 


The DCP supports three data encryption modes to satisfy the 
requirements of most applications. Electronic Code Book (ECB) is 
best suited for high-speed disk applications. Chain Block Cipher 
(CBC) provides an extra degree of data security over ECB in that 
it detects any insertion or deletion in the cipher text. It also 
implements one of the basic cryptography rules: Never encode the 
Same message the same way twice. Data ciphering in disk 
applications cannot follow this rule because it requires that 
records be decrypted randomly. The third data ciphering mode is 
Cipher Feedback (CFB). It is designed for medium-speed, 
character-based applications. Data is handled on a byte-by-byte 
basis without waiting to form 64-bit blocks, as in the other two 
methods. 


2.1 DATA ENCRYPTION STANDARD 


In January 1977, the National Bureau of Standards published a 
Data Encryption Standard (DES) in the Federal Information 
Processing Standards Publication (FIPS PUB 46). The DES specifies 
an algorithm to be implemented in electronic hardware devices to 
protect computer data cryptographically. That publication 
provides a complete description of the mathematical background of 
the DES algorithm. 


Although the DES encryption/decryption algorithm is public 
information, the individual privacy is insured with a private 
key. The user can chose any 56-bit key; thus,.he can select one 
of 7.2 x 1916 possible keys. The same key is used for encryption 
and decryption. The DES is a private key system. 
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Figure 2.1. Electronic Codebook (ECB) Mode 
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Figure 2.2. Cipher Block Chaining (CBC) Mode 
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The DES algorithm takes a data block through 18 data-manipulation 
stages. Sixteen of these stages are identical. They execute 
complex series of bit manipulations depending on the key. 


The first and the last stage do only simple bit transpositions. 
This overview of the internal operation makes it obvious that 
this algorithm is well-suited for implementation in electronic 
hardware. 


The DES algorithm translates a 64-bit binary block into a unique 
64-bit output block. It is important for some applications that 
this ciphering algorithm does not add information. Input and 
output blocks have the same length. Each bit of the result is a 
function of each and any bit of the input data as well as the 
key. In other words, a change of any Single input bit has 
approximately equal probability of changing any output bit. 


The National Bureau of Standards has defined four implementations 
of the DES algorithm to be used in a wide variety of 
applications. These implementations are called Modes of 
Operation. 


Advanced Micro Devices' Data Ciphering Processor was certified by 
the National Bureau of Standards in January 1981 (see Appendix 
D). The DCP has passed the DES test and 4 million iterations of 
the Monte Carlo test. (Since the DES is a complex nonlinear 
algorithm, it cannot be fully tested with a limited set of test 
vectors. To verify the correct hardware implementation, the 
National Bureau of Standards has created a statistical procedure 
-- the Monte Carlo routine.) 


Modes of Operation 


The National Bureau of Standards has defined four implementations 
of the DES algorithm. Each of them is designed for specific 
applications. 


ECB The Electronic Code Book (Figure 2.1) is a direct 
implementation of the DES algorithm. The analogy to a 
code book arises because the same plain text always 
generates the same ciphered text for a given 
cryptographic key. The DCP determines the codebook 
entries each time. A single bit error or change, in 
either the input text block or the key, causes an average 
bit error rate of 50% for its output block. However, an 
error in one text block will not affect any other block. 
In other words, there is no error extention between ECB 
blocks. 


The input and output block size is 64 bits. Since data 


blocks are independently ciphered, this mode is qualified 
for disk applications. 
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Figure 2.3. 8-Bit Cipher Feedback (CFB) Mode 
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Figure 2.4. K-Bit Output Feedback (OFB) Mode 
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The ECB mode has the weakness that identical blocks of 
plain text generate identical blocks of ciphered text. 
This violates one of the basic laws of encryption 
security: Never encrypt information the same way twice 
because this makes it easier for the opponent to break 
the code. This problem is solved by the CBC mode. 


Chain Block Cipher (Figure 2.2) also operates on 64-bit 
data blocks. The input data block is EXORed with an 64- 
bit Initial Vector (IV) before being processed by the DES 
algorithm. The resulting ciphered-output block is loaded 
into the IV Register, to be ORed with the next input 
block. This chaining of cipher text blocks provides 
different outputs for identical input blocks. It also 
gives an error extention characteristic which protects 
against fraudulent data insertion, deletion or alteration 
in a block sequence. A one-bit error in the input text 
block, the key or the Initial Vector causes an average 
error rate of 58% in all subsequent output blocks. These 
features make CBC best suited for high-speed data 
communications. 


Cipher Feedback (Figure 2.3) operates on n-bit data 
blocks, "n" being any value from 1 to 64. The content of 
the IV Register is processed by the DES algorithm. The 
most significant n-bits of the result are EXORed with the 
n-bit input data block. The result is the n-bit ciphered 
output block. This output block is shifted into the "n" 
least Significant bits of the IV Register. 


The DCP supports 8-bit CFB. Character-based, low-speed to 
medium-speed data communications is best done by 8-bit 
CFB. In CFB Mode, the throughput of the DCP is lower than 
in CBC or ECB because each algorithm pass provides only 8 
bits compared to 64 bits in the two high-speed modes. 


The error extention characteristic is the same as in CBC. 


Under some circumstances, such as a noisy, narrowband 
digital signal in an encrypted speech application, it is 
best to use a data-independent stream cipher. Output 
Feedback (Figure 2.4) is the best technique in this 
environment. The advantage of OFB is that the output 
data is a function of only the input data and the number 
of preceding blocks. It is independent of the actual data 
contained in the blocks. An error in an input block 
causes a 50% bit error probability in its output block, 
but it does not influence subsequent outputs. There is no 
error extention. 


OFB differs from CFB in that the feedback path is data- 
independent; a part of the output of the DES algorithm is 
fed back directly. The DES algorithm operates like a 
pseudo-random number generator. 
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The DCP does not support OFB directly, but with some 
external hardware l-bit and 8-bit OFB can be implemented 
as shown in Chapter 3.8. No additional hardware is needed 
to perform 64-bit OFB. 


2.2 PUBLIC VERSUS PRIVATE KEY CRYPTOSYSTEMS 


The classical single-key cryptosystem, such as DES, operates on 
the premise that the sender and receiver of messages use the same 
key for the dual purpose of encryption and decryption. Although 
such a scheme is adequate for most purposes, it is deficient from 
the point of view of true “authentication". Authenticity assures 
that the message has not been tampered with during transmission, 
and also that the true identity of the sender (also called 
Signature) can be extracted from the encrypted message. In 
schemes involving sharing of a secret key there is scope for 
"forgery" since the receiver of a message can generate 
authenticators that are indistinguishable from those generated by 
the sender. Furthermore, single-key systems require some form of 
key distribution prior to activation of the system. 


Public key cryptosystems have evolved as an answer to the needs 
of digital signatures and also to overcome some of the 
shortcomings of DES. They were first introduced by Diffie and 
Hellman in 1976. In contrast to DES, these systems use a matched 
pair of keys (one private and the other public) for the sender 
and the receiver. Both pairs are generated independently. The 
private keys are retained by the individual users while their 
respective public keys are maintained in a common directory 
possibly managed by a network key server. This scheme separates 
the encryption and decryption keys. It can transmit encryption 
messages without prior exchange of keys and can implement digital 
Signatures that are legally binding. 


Public key cryptosystems are slow since they involve multiple- 
precision arithmetic on very large numbers (>19@ digits). The 
functional advantages of a public key cryptosystem can, however, 
be combined with the advantages of a private key cryptosystem 
(speed and availability of dedicated VLSI circuits) to forma 
hybrid system (Figure 2.5). 


To transmit a secret text, the sender (A) first generates a 
random key for encrypting the clear text by means of the fast DES 
algorithm. The random key is then encrypted using the 
complicated and slow public key method. Both the encrypted key 
and text are then transmitted to the receiver. The receiver 
first decrypts the key and then uses the decrypted key to decrypt 
the ciphered text. The authenticity of the text can be checked 
in a second pass. 


Splitting the job between the public key and DES algorithm makes 


sense since the protection of a standard message requires many 
more DES encryptions than public key encryptions. 
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For more information on Public Key Systems see: 


Burton, C. E. "RSA: A Public Key Cryptography System." Dr. Dobb's 
Journal, Mar 1984, 1621. 


Diffie, W. and Hellman, M. "New Directions in Cryptography." 
IEEE Transactions on Information Theory, IT=+22(6), Nov 1976, 


Gardner, M. "Mathematical Games." Scientific American, 237(2), 
Aug 1977, 120124 


Mueller=Schloer, Christian. "A Microprocessor=based Cryptoprocessor". 
IEEE Micro, Oct 1983, 5-15. 


Rivest, R.L., A. Shamir and L. Adleman. "A Method for 
Obtaining Digital Signatures and Public=Key Cryptosystems." 
Communications of the ACM, 21(2), Feb 1978, 120-126. 
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Figure 2.5. Hybrid System 


2.3. THE DCP FAMILY 
The DCP family consists of three devices: 


Am9518 3-MHzZ version, Z8000*=type bus interface 
up to 1.3 Mbyte/s ciphering throughput 


AmZ8068* 4“MHz version, Z8000=type bus interface 
' up to 1.7 Mbyte/s ciphering throughput 


Am9568 4-MHz version, 8086=type bus interface 
up to 1.5 Mbyte/s ciphering throughput 


*Z8000 is a trademark cf Zilog, Inc. 
*AmZ8068 is a trademark cf Advanced Micro Devices, Inc. 
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General Description Applicable to All Three Devices 


All three devices are designed to be used ina large variety of 
environments, including dedicated controllers, communication 
concentrators, terminals and peripheral task processors in 
general processor systems. Usually the DCP will be controlled by 
a standard microprocessor. In this kind of environment, the DCP 
is interfaced similarly to other peripherals with a multiplexed 
address/data bus (e.g., AmZ8030, AmZ8036*, and AmZ8073). This 
mode is called Multiplexed Control Mode. In data storage 
applications, the data can be passed from the CPU bus through the 
DCP to the mass storage controller. Most of the tape or hard 
disk controllers are based on microprogrammed logic. The DCP can 
be programmed to provide a special microprogrammed interface. 
This mode is called Direct Control Mode. 


The Multiplexed Control Mode provides a standard microprocessor 
interface. Chapters 4.1 to 4.11 show applications where the DCP 
cperates in Multiplexed Control Mode. Figure 2.6 shows the most 
Straightforward interface configuration; it is the single port 
configuration in Multiplexed Control Mode. In this 
configuration, all commands and data transferred between the CPU 
and DCP are passed through the Master Port. The keys for 
encryption and decryption may be entered through either the 
Master Port or the Auxiliary Port. The Master Key can cnly be 
entered through the Auxiliary Port. The Auxiliary Port is a 
separate port for key input only. It enhances the system 
security by separating the data path and the key path. In 
higher=speed data ciphering applications, the Master Port becomes 
the bottleneck of the system. Both the original text and the 
encrypted text have to be passed through this 8=bit port. 


The dual port configuration (Figure 2.7) eliminates this 
bottleneck. The text now flows through the devices. The CPU 
passes the original text through the Master Port, while the 
peripheral device removes the encrypted text from the Slave Port. 
The internal architecture of the DCP is highly pipelined. The 
CPU may enter one block cf data, while a previously entered biock 
is ciphered and while a third previously ciphered block may be 
read out. This pipelining yields data ciphering rates between 
10.6 and 14.2 Mbit/s. 


The Direct Control Mode (Figure 2.8) provides a special 
microprogrammed logic interface. In Direct Control Mode the 
Auxiliary Port becomes a control port for the microprogrammed 
logic. Unlike Multiplexed Control Mode, where the DCP is now 
controlled by programming internal registers, the DCP is 
controlled by three pins cf the Auxiliary Port. Two pins reflect 
the status of the device. In this mode, the DCP can execute only 
a subset cf its data ciphering commands, such as loading 
encryption or decryption keys and initiating encryption or 
decryption versions. 


*Z8030 and Z8036 are trademarks of Zilog, Inc. 
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The Mode Register defines the basic operating parameters such as 
ciphering mode (ECB, CBC, and CFB) and port configuration. [In 
Direct Control Mode this register cannot be programmed. However, 
a reset sets this register to its default value (see Chapter 
3.5). TO operate the DCP in modes different from the default 
mode, the DCP has to be switched to Multiplexed Control Mode to 
modify the Mode Register. Therefore, the C/K pin (selecting 
Multiplexed Control Mode or Direct Control Mode) should be mode 
programmable. Other operations such as loading the Master Key 
and the Initial Vector (IV) Registers require also that the DCP 
is switched to Multiplexed Control Mode. In Multiplexed Control 
Mode, the full data ciphering instruction set is provided. 


In Multiplexed Control Mode, the devices of the DCP family 
support two different types of microprocessor interfaces as shown 
below: 


Am9518/AmZ8968 


The Am9518 and AmZ8@68 (Figure 2.10) support a Z80@@-type 
interface. Figure 2.18 shows the basic timing. The Master Port 
Address Strobe (MAS) is active Low. The rising (i.e. trailing) 
edge latches the level of Master Port Chip Select (MCS) and the 
2-bit register address on MP, and MP5. Master Port Data Strobe 
(IMDS) provides the timing for the data transfer. The level on 
Read/Write (R/W) defines the data transfer direction. Timing 
parameter 42 of the product specification defines the set-up time 
of R/W to MDS. The rising edge of MDS must be synchronous to the 
falling edge of the clock. Most CPUs do not meet the specified 
narrow time range, so external synchronization logic must be 
added to satisfy this parameter. The interfaces in Chapter 4 show 
some approaches. 


Am9568 


The Am9568 (Figure 2.11) has a host CPU interface which is 
optimized for the iAPX microprocessor family. Figure 2.11 shows 
the basic bus timing. Master Port Address Latch Enable (MALE)_is 
active High. The falling (i.e. trailing) edge of ALE latches _MCS 
and the register address on MP, and MP5. Master Port Write (MWR) 
provides timing for a data write transfer, Master Port Read (MRD) 
provides timing for read transfers. Both strobes must be 
synchronous to the clock. The range is smaller than with the 
Am9518 or AmZ8@068. The Am9568 has advantages in applications 
requiring narrow address strobes or where it is difficult to 
satisfy the set-up time of R/W. 
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Vss [ 11 40] Vcc 
SPo| 2| 39] SP4 
SP1] 3 38] SPs 
SP2] 4 SP 
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AUX 34] AUXs 
Amzs06s_ 23] AUX2 | 8) 33] AUXs 
Am9518 Aux3] 9! Am9568 32] AUX? 
AFLG |10| 131] SFLG 
nete[in DCP Fa] SCS 
PAR |12) [29] SDS 
C/K [13] 128] MWR 
CLK [14] MALE 
MFLG [15| 26] MRD 
MPo 116| 25] MCS 
MP4 24] MP4 
MP2 [18] | 23] MPs 
MP3 22] MPs 
Vss [20] 21] MP7 
TOP VIEW TOP VIEW 
NOTE: PIN 11S MARKED FOR ORIENTATION NOTE: PIN 11S MARKED FOR ORIENTATION. 
04862A-12 04862A-13 
Figure 3.1 Am9518/AmZ8068 Connection Diagram Figure 3.2 Am9568 Connection Diagram 
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CHAPTER 3. FUNCTIONAL DESCRIPTION 


The heart of the DCP is the Data Encryption Standard (DES) 
algorithm unit that encrypts 64-bit blocks of clear text into 
corresponding 64-bit blocks of cipher text using a 56-bit key. 
The DCP can hold three keys simultaneously: a Master Key to 
generate session keys, an Encryption Key, and a Decryption Key. A 
block diagram of the internal structure is shown in Figure 2.4. 


The DCP has two 64-bit data registers: the Input and the Output 
Register. Transfers between these registers and the Master or 
Slave Port occur on the 8-bit input/output buses. The dual ports, 
Separate internal buses and separate input and output registers 
compose a highly pipelined data path that maximizes the 
throughput by allowing simultaneous input, ciphering and output 
operation. 


The 8-bit ports handle the 64-bit blocks of data one byte at a 
time. Each block is strobed into the Input Register with eight 
Data Strobes. The most significant byte is entered first. The 
result block can be read from the 64-bit Output Register, also 
one byte at a time with the most significant byte first. 


3.1. PORTS 


3.1.1. MASTER PORT 


The Master Port is an 8-bit wide (MPg-MP7) bidirectional port. 
The Mode, Command, and Status Register can be accessed only 
through this port. The port operation is associated with four 
control lines, which are defined differently for the two groups 
of devices. | 


Am9518/AmZ8968: 
- MCS Master Port Chip Select 
- MAS Master Port Address Strobe 
- MDS Master Port Data Strobe 
- R/W Read/Write 
Am9568 =: 
- MCS Master Port Chip Select 


- MALE Master Port Address Latch Enable 
- MRD Master Port Read 


- MWR Master Port Write 


21 


Chapter 3 


The DCP executes a hardware reset when two specific control lines 
are pulled active Low simultaneously. Namely: 


For the Am9518/AmZ8968 - MAS and MDS 


For the Am9568 wz MRD and MWR 


In Direct Control Mode the address strobe (MAS or MALE) is a 
"don't care". To prevent hardware resets by mistake, tie MAS High 
for Am9518/AmZ8@68 Direct Control Mode applications. 


In Multiplexed Control Mode the address strobe latches the level 
of MCS and the two-bit pointer address into one of the five 
internal registers. In systems with a multiplexed address/data 
bus, this relieves the external address decode circuitry of the 
responsibility for latching Chip Select. 


The Master Port Flag (MFLG) shows the status of the device. It 
corresponds to the Master Port Flag bit of the Status Register. 
Figure 3.3 shows the association of the Master Port Flag with the 
Input and Output Register. In dual port configuration, the Flag 
reflects the status of the Master Port; it is active if data can 
be transferred to or from the Master Port. Input or Output 
Operation depends on the Mode (Encryption or Decryption) and 
clear or ciphered text, at the Master Port. In single port 
configuration, this flag always reflects the status of the Input 
Register, independent of the mode. 


The terminology of the "strobes" is defined below: 


Address strobe Am9518/AmZ8968 MAS is strobed Low 
Am9568 MALE is strobed High 

Write strobe Am9518/AmZ8968 MDS is strobed Low, 
while MR/W is Low 

Am9568 MWR is strobed Low 

Read strobe Am9518/AmZ8968 MDS is strobed Low, 


while MR/W is High 
Am9568 MRD is strobed Low 
Entering encryption/decryption keys (clear or encrypted): 
The key registers are loaded by a command/data sequence. The 


following sequence of operations must be performed: 


- Provide MCS, address the Command Register (MP j=High, MP 2=High) 
and issue address strobe. 
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- Enter command code (see Figure 3.7) by presenting the 
appropriate one-byte command at the Master Port and 
issuing a write strobe. 


- Provide MCS, address the Input Register (MP,=Low, MP j=Low) and 
issue address strobe. 


- Load eight bytes of key data, one byte at a time, through 
Master Port. Keys are loaded one byte per write strobe, the 
most significant byte first. 


If the key is in encrypted form, the Master Key must be loaded 
first through the Auxiliary Port. Then the encrypted key can be 
loaded. The DCP decrypts this key internally using the Master Key 
and the ECB method. The clear session key is then stored in the 
appropriate key register. After loading the last byte of the 
encrypted key, no read/write to the internal registers is allowed 
for the subsequent 7@ clock cycles. 


A key can only be entered into the DCP; for security reasons it 
cannot be read back. Parity check logic in the DCP verifies that 
the key is entered correctly. The least significant bit of each 
byte of key is the parity check bit (odd parity). Flags in the 
Status Register are set if a parity error occurs during a key 
load sequence. 


Entering/reading the Initial Vector for Encryption (IVE) or 
Decryption (IVD): 


When using the Chain Block Cipher (CBC) or Cipher Feed Back (CFB) 
mode, the 64-bit IV Register must be initialized. The 
command/data sequence is similar to the sequence for entering 
keys. | 


Similar to the key, the IV can be loaded in either clear or 
encrypted form. The encrypted IV is decrypted using the 
Decryption Key (D Key) and ECB mode before loading the 
appropriate IV Register. The D Key must be loaded first. 


When the IV should be read out in encrypted form, it is first 
encrypted using the E Key and ECB mode. It takes 7@ clock cycles 
to encrypt or decrypt the IV. 


Entering or removing data: 
Depending on the Mode, either clear or encrypted data can be 
entered or removed from the Master Port. Data entered through the 
Master Port goes into the Input Register. Data removed from the 
Master Port comes from the Output Register. Data is transferred 
by the following sequence: 


- Provide MCS, address data register 
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- Transfer data bytes, one byte per write strobe or read strobe, 
starting with most significant byte. The data transfer is not 
limited to only one block. The device accepts data whenever 


the corresponding flag shows that the device is ready for a 
data transfer. 


After entering one block of data, the input flag becomes inactive 
for 5 clock cycles if the data can be transferred to the 
algorithm unit. If the algorithm unit is still busy or if the 
device is blocked because the output data is not read out, the 
input flag stays inactive. 


The output flag becomes active whenever data is in the Output 
Register. After removing one block, the output flag becomes 
inactive for 5 clocks if the algorithm unit can provide another 


block. If the algorithm unit is empty, the output flag stays 
inactive until data is ready again. 


Master Port in Direct Control Mode 


Master Port Chip Select (MCS) is not latched internally. It is 
passed directly to the internal circuitry. 


Enter clear E or D Key using the following sequence: 
- Provide MCS. 


- Set up appropriate code at the Auxiliary Port for E/D Key load 
(see Auxiliary Port description). 


- Strobe in eight bytes of the key, one byte per write strobe, 
most significant byte first. 


Enter or remove data: 


Depending on the configuration chosen by loading the Mode 
Register, the Master Port can be an input port, an output port or 
both. The mode determines the direction of data flow. The data 
access must agree with the mode. Thus data can only be read from 
the Master Port if the mode defines the Master Port as an Output 
Port, and data can only be written to the Master Port if it is 
defined as an Input Port. 


- Provide MCS. 
- Provide appropriate code at the Auxiliary Port. 


- Read or write one byte of data per read or write strobe 
Starting with the most significant byte of a block. 


3.1.2. SLAVE PORT 
The Slave Port is an 8-bit-wide, bidirectional port controlled by 


the Slave Port Chip Select (SCS) and the Slave Port Data Strobe 
(SDS). The direction of the data flow is determined by control 
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bits in the Mode Register. In both Multiplexed and Direct Control 
Mode, the Slave Port may be used for either data input or output 
operation. The Slave Port is only active if the dual port 
configuration is chosen. In dual port configuration, the Slave 
Port Flag (SFLG) reflects the status of the Slave Port (Figure 
3.3). If the flag is active, data can be strobed in or removed 
depending on the programmed data flow direction. In single port 
configuration (Master Port only) the Slave Port Flag represents 
the status of the Output Register. The Slave Port Flag 
corresponds to one bit of the Status Register. 


- Provide SCS. 


- Read or write one byte of data per strobe (SDS) beginning with 
the most significant byte. 


SCS is not latched internally, and may be tied permanently Low 
without impairing Slave Port operation. 


3.1.3. AUXILIARY PORT 


The Auxiliary Port has fundamentally different functions in 
Multiplexed Control Mode and in Direct Control Mode. 


The port is 8-bits wide and can be used for key input only. The 
status signal Auxiliary Port Flag (AFLG) becomes active whenever 
key data can be entered. The rising edge of the control signal 
Auxiliary Port Strobe (ASTB) strobes in the key data one byte at 
a time. ASTB is ignored unless AFLG and C/K are both Low. To use 
the Auxiliary Port for key entry, the following sequence can be 
performed: 








- Enter an appropriate command through the Master Port into the 
Command Register that requires Auxiliary Port operation; e.g.,. 
"Load Encrypted E Key through Auxiliary Port". 


- In response to these commands, the Auxiliary Flag (AFLG) 
becomes active Low. Eight bytes of key can then be entered 
by strobing Auxiliary Strobe (ASTB). AFLG becomes inactive 
shortly after the falling edge of the eighth strobe. 





The Master Key, which is needed to generate session keys, can 
only be loaded through the Auxiliary Port. A key loaded in 
encrypted form is decrypted using the Master Key and ECB mode. To 
guarantee the system security, a key cannot be read back. 


In this mode, the Auxiliary Port operates as a control port for 
the microprogrammed logic. A subset of the cipher processing 
commands can be executed. Three pins are control inputs, two pins 
are status outputs: 
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Figure 3.3. Association of Master Port Flag (MFLG) and Slave 
Port Flag (SFLG) with Input and Output Registers 


Am9518/AmZ8068 


wr [wa 
Fo [0 [0 [input Resister 
To [+ [0 [ouput Register 
Taro [0 | Command Register — 
ipo 
ee 










ak 
To | 0 [input Register 
ee 


Output Register 





Am9568 


[MWR | MCS | Register Addressed _ 
Le 
as 

















© 
Al 


0 | input Resistor 
* [0 | OutputRegister 
[0 [0 | Command Register 
[1 [0 | Status Register 
Px | 0 | Mode Register 
No Register Accessed 
[0 | inputRegister 
[0 [output Register 


04862A-15 





X 
fas 





Figure 3.4. Master Port Register Addresses 
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AUX7-K/D (Key/Data, Input) 


When this signal goes High, the DCP initiates a key-data input 
sequence as if a Load Clear E or D Key through Master Port 
command has been entered. The level on AUX¢-E/D determines 
whether the subsequently entered clear-key bytes are written into 
the E Key Register (E/D High) or into the D Key Register (E/D 
Low). 


AUX7—~K/D and AUXs5-S/S are mutually exclusive control lines; when 
one goes active (High), the other must be and remain inactive 
(Low) until the first returns to an inactive state. In addition, 
both lines must be inactive (Low) whenever a transition occurs on 
C/K (entering or exiting Direct Control Mode). 


AUX¢-E/D (Encrypt/Decrypt, Input) 


When AUXs5-S/S goes High, initiating a normal data ciphering 
operation, this input specifies whether the ciphering algorithm 
is to encrypt (E/D High) or decrypt (Low). 


When AUX7-K/D goes High, initiating entry of key bytes, the level 
on AUX¢6-E/D specifies whether the bytes are to be written into 
the E Key Register (E/D High) or the D Key Register (E/D Low). 


The AUX¢-E/D input is not latched internally, and must be held 
constant whenever one or more of AUXs5-S/S, AUX7-K/D, AUX9-BSY, or 
AUX3-CP_are active. Failure to maintain the proper level on 
AUX¢-E/D during loading or ciphering operations will result in 
scrambled data in the internal registers. 


AUX5-S/S (Start/Stop, Input) 


When this pin goes Low (Stop) the DCP will follow the sequence 
that would normally occur were a Stop command to be entered. 
Conversely, when this pin goes High, a sequence equivalent to a 
Start Encryption or Start Decryption command will be followed. 
At the time AUX5-S/S goes High, the level on AUX¢-E/D (see above) 
selects either the Start Encryption or Start Decryption 
interpretation. 


AUX3-CP (Command Pending Output) 


This active Low status output gives a hardware indication that 
the DCP is ready to accept input of key bytes following a Low-to- 
High transition on AUX7-K/p. AUX3-CP is driven by the CP bit in 
the Status Register (see Register Description), such that when 
the CP bit is "1" (active), AUX3-CP is Low. 
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AUX5—BSY (Busy, Output) 


This active Low status output gives a hardware indication that 
the ciphering algorithm is in operation. AUX j-BSY is driven by 
the BSY bit in the Status Register, such that when the BSY bit is 
"1" (active), AUX 9-BSY is Low. 


AUXg,1,4 -Not used. 


The Mode, Command, or Status Registers are not directly 
accessible in Direct Control Mode. A subset of commands can be 
executed by controlling pins of the Auxiliary Port as described 
above. . 


In most Direct Control Mode applications, the C/K input pin, 
which selects Multiplexed or Direct Control Mode, must be 
programmable. It allows the user to initialize the DCP in 
Multiplexed Control Mode, to choose a mode other than the default 
mode, to load the Master Key, to generate session keys, or to 
load the Initial Vectors. After doing this the device can be 
switched to Direct Control Mode by raising the level at the C/K 
input pin to High. 


C/K can be tied High if the user wants the DCP to operate in the 
default mode (i.e. ECB, dual port configuration, Master Port 
handles clear text, and Slave Port handles encrypted text). 


3.1.4. KEY AND DATA LOAD IN DIRECT CONTROL MODE 


In Direct Control Mode, keys can only be entered through the 
Master Port. This is accomplished in the following manner: 


- Hold AUX¢-E/D High when loading the encryption key or hold it 
Low when loading the decryption key. 


- Keep AUXs-s/§ Low. 


- Hold AUX7-K/D High and issue eight write strobes at the 
Master Port as described in the Master Port section. 


The levels of AUXs_7 should be held constant throughout the 
entire operation. 


The data transfer is similar to the key load. AUX ¢-E/D and the 
selected mode determine the data flow direction. In the default 
mode where the Master Port handles clear data while the Slave 
Port handles encrypted data, a High on AUX¢-E/D (encryption mode) 
defines the Master Port as an input port for the clear data and 


the Slave Port as an output port for the ciphered data. If AUX6- 
E/D is switched to Low (decryption mode) the data flow direction 
is turned around. The Slave Port is now the input port for the 
encrypted data. The Master Port becomes the output port of the 
deciphered or clear data. A data ciphering session is set up as 
follows: 
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- Set AUXg-E/D to the appropriate level. 
-~ Keep AUX7-K/D Low the entire session. 


- Set AUX5-S/S High to start the ciphering session. 
3.2. REGISTERS 


In Multiplexed Control Mode, five internal registers can be 
directly accessed: 


- Command Register (write only) 
- Status Register (read only) 
- Mode Register (read/write) 
- Input Register (write only) 
- Output Register (read only) 


In Direct Control Mode, only the Input and Output Registers are 
addressable through the Master Port. The register addresses are 
shown in Figure 3.4. The Input and Output Registers and the 
Command and Status Registers each have the same address. A read 
Or write access determines which register is selected. 


TO gain access to any of these registers in Multiplexed Control 
Mode, execute the following sequence: 


- Provide MCS and the register address. 
-~ Provide address strobe. 


- Read or write the addressed register by issuing a read or 
write strobe. 


Command Register 


Data written to the 8-bit, write-only Command Register through 
the Master Port is interpreted as an instruction. The commands 
and their hexadecimal representations are summarized in Figure 
3.7. A detailed description of these commands is given in the 
section “Commands". 


Status Register 


The 8-bit, read-only Status Register (see Figure 3.5) has the 
Same address as the Command Register. The status bits PAR, AFLG, 
SFLG, and MFLG indicate the status on the like-named output pins. 
Note, however, the status bits are active High, whereas the 
status pins are active Low. Additionally, in Direct Control Mode 
two pins of the Auxiliary Port reflect the flag bits CP and BUSY. 
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MASTER PORT FLAG 
0=INACTIVE 
1=ACTIVE 


SLAVE PORT FLAG 
0=INACTIVE 
1=ACTIVE 


AUXILIARY PORT FLAG 
0=INACTIVE 
1=ACTIVE 


PARITY (PAR) 
0= ODD PARITY 
1 =EVEN PARITY 


LPAR 
0=ALL BYTES HAD 
ODD PARITY 
1 =ONE OR MORE BYTE 
HAD EVEN PARITY 


BUSY 
0 =NOT BUSY 
1=BUSY 


COMMAND PENDING 
0=INACTIVE 
1=ACTIVE 


START/STOP 
0=STOP ENTERED 
1 =START ENTERED 


04862A-16 


Figure 3.5. Status Register Bit Assignments 
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RESERVED a i CIPHER TYPE 


00 = ELECTRONIC CODE BOOK 
(DEFAULT) 

01 = CIPHER FEEDBACK 

10 = CIPHER BLOCK CHAIN 

11 = RESERVED 





PORT CONFIGURATION 
00 = DUAL PORT, MASTER ENCRYPTED, 
SLAVE CLEAR 
01 = DUAL PORT, MASTER CLEAR, 
SLAVE ENCRYPTED (DEFAULT) 
10 = SINGLE PORT, MASTER ONLY 
11 = RESERVED 


ENCRYPT/DECRYPT 


1 = ENCRYPT 


0 = DECRYPT 
04862A-17 


Figure 3.6. Mode Register Bit Assignments 


30 


Chapter 3 


The parity bit (PAR) indicates the parity of the most recently 
entered key byte. If this byte had even parity, the parity bit is 
set to signal a parity error. 


The second parity bit (LPAR) stores the parity error. It is set 
if any one key byte had even parity since the last Reset or Load 
Key command. 


The Busy bit will be a "1" whenever the ciphering algorithm unit 
is actively encrypting or decrypting data, either as a response 
to a command such as Load Encrypted Key (in which case the 
Command Pending bit will be a "1"), or in the ciphering of 
regular text (indicated by the Start/Stop bit being a "1"). The 
Busy bit will remain a "1", even after ciphering is complete, if 
the ciphered data cannot be transferred to the Output Register 
because it contains output from a previous ciphering cycle. Busy 
will be "@" at all other times, including the case where no 
ciphering is possible because no data has been written to the 
Input Register. 


The Command Pending bit will be set to "1" by a command that 
requires the transfer of data to or from a non-addressable 
internal register, such as when writing key bytes to the E Key 
Register or reading bytes from the IVE Register. Thus, Command 
Pending will be set following all commands except the three Start 
commands, the Stop command and the Software Reset command. 
Command Pending will return to "@" after all eight bytes have 
been transferred following Load Clear, Read Clear or Read 
Encrypted commands; and after data has been transferred, 
decrypted and loaded into the desired register following Load 
Encrypted commands. 


The Start/Stop bit is set to "1" when one of the Start commands 
is entered, and is reset to "@" whenever a reset occurs or when a 
command other than a Start is entered. 


Mode Register 


Bit Assignments in the 5-bit read/write register are shown in 
Figure 3.6. The Cipher Type bits (M1, Mg) indicate to the DCP 
which ciphering algorithm is used. On reset, the Cipher Type 
defaults to Electronic Code Book. 


Configuration bits (M3, M9) indicate which data ports are 
associated with the Input an Output Registers and flags. When 
these bits are set to the Single Port, Master Port-only 
configuration (M3, M2=1@, ) the Slave Port is disabled and no 
manipulation of St ave Bore Chip Select (SCS) or Data Strobe (SDS) 
can result in data movement through the Slave Port; all data 
transfers are accomplished through the Master Port. Both MFLG 
and SFLG are used in this configuration; MFLG gives the status of 


the Input Register and SFLG, the status of the Output Register. 








When the Configuration Bits are set to one of the Dual Port 
configurations (M3, M2=@0pB or O1pB), both the Master and Slave 
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Ports are available for input and output. When M3, mM9=91p (the 
default configuration), the Master Port handles clear data while 
the Slave Port handles encrypted data. Configuration M3, M9=00p 
reverses this assignment. Actual data direction at any 
particular moment is controlled by the Encrypt/Decrypt bit. 


The Encrypt/Decrypt bit (Mg) instructs the DCP algorithm 
processor to encrypt or decrypt the data from the Input Register 
using the ciphering method specified by the Cipher Type bits. 
The Encrypt/Decrypt bit also controls data flow within the DCP. 
For example, when the configuration bits are "@lp" (Dual Port, 
Master Clear, Slave encrypted) and the Encrypt/Decrypt bit is "1" 
(encrypt), clear data will flow into the DCP through the Master 
Port and encrypted data will flow out through the Slave Port. 
When the Encrypt/Decrypt bit is set to "@" (decrypt), data flow 
reverses. 


Input Register 


The 64-bit, write-only Input Register is organized to appear to 
the user as eight bytes of push-down storage. A status circuit 
monitors the number of bytes that have been stored. The register 
is considered empty when the data stored in it has been or is 
being processed; it is considered full when one byte of data has 
been entered in cipher feedback or when eight bytes of data have 
been entered in Electronic Code Book or Cipher Block Chain. If 
the user attempts to write data into the Input Register when it 
is full, the Input Register will disregard this attempt; no data 
in the register will be destroyed. 


Output Register 


The 64-bit, read-only Output Register is organized to appear to 
the user as eight bytes of pop-up storage. A status circuit 
detects the number of bytes stored in the Output Register. The 
register is considered empty when all the data stored in it has 
been read out. It is considered full if it contains one or more 
bytes of output data. If a user attempts to read data from the 
Output Register when it is empty, the buffers driving the output 
bus will remain in a three-state condition. 


The following multibyte registers cannot be directly addressed, 
but are loaded or read in response to commands written to the 
Command Register. (See Commands.) 


- Master Key Register (write only) 
- Encryption Key Register (write only) 
- Decryption Key Register | (write only) 
_ Initial Vector for Encryption (read/write) 
- Initial Vector for Decryption (read/write) 
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Master Key Register 


The 56-bit Master Key Register can be loaded only with clear data 
through the Auxiliary Port. The load has to be preceded by the 
command "Load Clear M Key through Auxiliary Port". The Master Key 
is used to generate session keys. The correctness of entering the 
key can be verified by checking the LPAR bit of the Status 
Register. 


Encryption and Decryption Key Register 


The 56-bit Encryption Key or the 56-bit Decryption Key can be 
loaded through the Master Port or Auxiliary Port, in clear or in 
encrypted form. If the key is loaded in encrypted form, it is 
first routed to the Input Register, to be decrypted using the 
Master Key. It is then transferred to the appropriate key 
register. 


Initial Vector Registers 


Two 64-bit Initial Vector Registers are provided to store 
feedback values for CBC and CFB mode. Both registers can be 
loaded or read out through the Master Port in either clear or 
encrypted form. The E Key is used to decrypt the IV and the D Key 
to encrypt the IV utilizing the ECB mode. These registers have to 
be initialized only for CBC and CFB. The value is exclusive OR'ed 
with the first data block. Then the register is reloaded or 
modified. For detailed information refer to the section "Modes of 
Operation" in Chapter 2.2. 


For test purposes these registers can be read out. Before reading 
the Initial Vectors, the Output Register must be flushed out by 
removing all data or by issuing a Reset. The IVs are eight bytes 
long and loaded one byte at a time with the most significant byte 
first. No parity check is done on these vectors. 


3.3. COMMANDS 


All operations of the DCP result from command inputs, which are 
entered in Multiplexed Control Mode by writing a command byte to 
the Command Register. Commands are entered in Direct Control 
Mode by_raising and lowering the logic levels on the AUX7-K/D, 
AUX¢-E/D and AUX5-S/S pins. Figure 3.7 shows all commands that 
may be given in Multiplexed Control Mode. Figure 3.8 shows that 
subset executable in Direct Control Mode. 
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Hex . 
Code Command 


90 Load Clear M Key through Auxiliary Port 
Load Clear E Key through Auxiliary Port 
Load Clear D Key through Auxiliary Port 
Load Clear E Key through Master Port 
Load Clear D Key through Master Port 
















Load Encrypted E Key through Auxiliary Port 
Load Encrypted D Key through Auxiliary Port 
Load Encrypted E Key through Master Port 
Load Encrypted D Key through Master Port 


Load Clear IVE through Master Port 
Load Clear IVD through Master Port 

Load Encrypted IVE through Master Port 
Load Encrypted IVD through Master Port 


Read Clear IVE through Master Port 
Read Clear IVD through Master Port 

Read Encrypted IVE through Master Port 
Read Encrypted !VD through Master Port 


Encrypt with Master Key 
Start Encryption 

Start Decryption 

Start 


Stop 
Software Reset 


04862A-18 






























Figure 3.7. Command Codes in Multiplexed Control Mode | 
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Start Decryption 
Start Encryption 
Stop 


Load D Key Clear 
through Master Port 


L Load E Key Clear 
through Master Port 

L End Load Key 
Command 


Not Allowed 


AUX Pins Become 
Key-Byte Inputs 


L 
H 
X 
L 
H 
X 
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Figure 3.8. Implicit Command Sequences in Direct Control Mode 
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Load Clear M Key Through Auxiliary Port (98 q) 
Load Clear E Key Through Auxiliary Port (91 4) 


Load Clear D Key Through Auxiliary Port (92 qy) 


These commands override the data flow specifications set in the 
Mode Register and cause the Master (M), Encrypt (E), or Decrypt 
(D) Key Register to be loaded with eight bytes written to the 
Auxiliary Port. After the Load command is written to the Command 
Register, the Auxiliary Port Flag (AFLG) will go active (Low), 
and the corresponding bit in the Status Register (S37) will go to 
"1", indicating that the device is able to accept key bytes at 
the Auxiliary Port pins. Additionally, the Command Pending bit 
(Sg) will go to "1" during the entire loading process. 


Each byte is written by placing an active Low signal on the 
Auxiliary Port Strobe (ASTB) once data has been set up on the 
Auxiliary Port pins. The actual write process occurs on the 
rising (trailing) edge of ASTB. 


The Auxiliary Port Flag (AFLG) will go inactive immediately after 
the eighth strobe goes active (Low), but, the Command Pending bit 
(Sg) will remain "1" for several more clock cycles, until the key 
loading process is completed. All key bytes are checked for 
correct (odd) parity as they are entered (see Parity Checking). 


Load Clear E Key Through Master Port (11q) 
Load Clear D Key Through Master Port (12,;,) 


These commands are available in both Multiplexed Control and 
Direct Control Modes. They override the data flow specifications 
set in the Mode Register and attach the Master Port inputs to the 
Encrypt (E) or Decrypt (D) Key Register, aS appropriate, until 
eight key bytes have been written. In Multiplexed Control Mode, 
the command is initiated by writing the Load command to the 
Command Register. In Direct Control Mode, the command is 
initiated by raising the AUX7-K/p control input while the AUX«c- 
S/S input is Low. In this later case, the level on AUX6-E/D 
determines which key register is written (High=E-Key Register, 
Low=D-Key Register). 


Once the command has been recognized, the Command Pending bit (S 

in the Status Register) will go to "1", and in Direct Control 
Mode AUX3-CP will go active (Low), indicating that key entry may 
proceed. The host system then writes exactly eight bytes to the 
Master Port (at the Input Register address in Multiplexed Control 
Mode). When the key register has been loaded, Command Pending 
will return to "@", and in Direct Control Mode the AUX3-CP output 
will go inactive, indicating that the DCP can accept the next 
command. 
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Load Encrypted E Key Through Auxiliary Port (B1j) 
Load Encrypted D Key Through Auxiliary Port (B2y) 


Execution of these commands (in Multiplexed Control Mode only) is 
Similar to the Load Clear E (D) Key Through Auxiliary Port, 
except that key bytes are first decrypted using the Electronic 
Code Book algorithm and the Master (M) key, and then loaded into 
the appropriate key register, after having passed through the 
parity check logic (see Parity Checking). 


The Command Pending bit (S¢) will be "1" during the entire 


decrypt-and-load operation. In addition, the Busy bit (S5) will 
be "1" during the actual decryption process. 


Load Encrypted E Key Through Master Port (31) 
Load Encrypted D Key Through Master Port (324) 


These commands (in Multiplexed Control Mode only) are similar in 
effect to the Load Clear E (D) Key Through Master Port, except 
that key bytes are initially decrypted using the Electronic Code 
Book algorithm and the Master (M) Key, and then loaded byte-by- 
byte into the target key register, after having passed through 
the parity check logic (see Parity Checking). . 


The Command Pending bit (S6) will be "1" during the entire 
decrypt-and-load operation. In addition, the Busy bit (Ss) will 
be "1" during the actual decryption process. 


Load Clear IVE Register Through Master Port (85,,) 
Load Clear IVD Register Through Master Port (84y) 


These commands (in Multiplexed Control Mode only) are almost 
identical to Load Clear E (or D) Key Through Master Port except 
that the data written to the Input Register address is routed to 
the Encryption Initial Vector (IVE) or Decryption Initial Vector 
(IVD) Register instead of a key register, and no parity checking 


occurs. Command Pending (S6) is a "1" during the entire loading 
process. 


Load Encrypted IVE Register Through Master Port (A5,) 
Load Encrypted IVD Register Through Master Port (A4y) 


These commands are analogous to the Load Encrypted E (or D) Key 
Through Master Port commands. The data flow specifications set 
in the Mode Register are overridden and the eight vector bytes 
are decrypted using the Decryption (D) Key and the Electronic 
Code Book algorithm. The resulting clear vector bytes are loaded 
into the target Initial Vector Register, and no parity checking 
occurs. The Busy bit (Ss) does not go to "1" during the 


decryption process, but Command Pending (86) will be "1" during 
the entire decryption-and-load operation. 
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Read Clear IVE Register Through Master Port (8Dy) 
Read Clear IVD Register Through Master Port (8C,,) 


The effect of these commands (in Multiplexed Control Mode only) 
is to override the data flow specifications set in the Mode 
Register and to connect the appropriate Initial Vector Register 
to the Master Port at the Output Register address. In this 
state, each IV Register appears as eight bytes of FIFO storage. 
The first byte of data will be available 6 clocks after the 
loading the Command Register. The Command Pending bit will be set 
to "1" and will remain a "1" until sometime after the eighth byte 
is read out. The host system has the responsibility to read out 
exactly eight bytes. 


Read Encrypted IVE Register Through Master Port (A9,) 
Read Encrypted IVD Register Through Master Port (A8qy) 


The effect of these commands (in Multiplexed Control Mode only) 
is to override the specifications set in the Mode Register and to 
encrypt the contents of the specified Initial Vector Register 
using the Electronic Code Book algorithm and the Encrypt (E) Key. 
The resulting cipher text is placed in the Output Register, from 
which it can be read out as eight bytes through the Master Port. 
During the actual encryption process the Busy bit: (Sc) will be 
"1", When Busy goes to "9", the encrypted vector bytes are ready 
to be read out. Command Pending (S¢) will be "1" during the 
entire encryption-and-output process, and will go to "9" when the 
eighth byte is read out. The host system is responsible for 
reading out exactly eight bytes. 


Encrypt with Master (M) Key (39,) 


This command, in Multiplexed Control Mode only, overrides the 
data flow specifications set in the Mode Register and causes the 
DCP to accept eight bytes from the Master Port, written to the 
Input Register. When eight bytes have been received, the DCP 
encrypts the input using the Master (M) Key. The encrypted data 
is loaded into the Output Register, where it may be read out 
through the Master Port. The Command Pending (S¢) and Busy (Ss) 
bits are used to sense the three phases of this operation. 
Command Pending goes to "1" as soon as the Input Register can 
accept data. When exactly eight bytes have been entered, the 
Busy bit will go to "1" until the encryption process is complete. 


When Busy goes to "@", the encrypted data is available to be read 
out. Command Pending will return to "@" when the eighth byte has 
been read. 


Start Encryption (41),) 


Start Decryption (49) 
Start (C915) 


The three “Start" commands begin normal data ciphering by setting 


the Start/Stop bit (S7) in the Status Register to "1". The Start 
Encryption and Start Decryption commands explicitly specify the 
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ciphering direction by forcing the Encrypt/Decrypt bit (My) in 
the Mode Register to "1" or "@", respectively, whereas Start uses 
the current state of the Encrypt/Decrypt bit, as specified ina 
previous Mode Register load. | 


When a Start command has been entered, the Port Status Flag (MFLG 
or SFLG) associated with the Input Register will become active 
(Low), indicating that data may be written to the Input Register 
to begin ciphering. 





In Direct Control Mode, the Start command is issued by raising 


the level on the AUXs-S/S input (see Figure 3.8). The ciphering 
direction is specified by the level on AUX¢6- E/D- If 

AUX6- -E/D is High when _AUX5— s/s goes High, the command is Start 
Encryption. If AUX¢6-E/D is Low, it is Start Decryption. 


Stop (E9p) 


The Stop command clears the Start/Stop bit (S 7) in the Status 
Register. This causes the input flag (MFLG or 'SFLC) to become 
inactive and inhibits the loading of any further input into the 
algorithm unit. If ciphering is in progress (Busy bit (Ss) is 
"1" or AUX9-BSY is active), the ciphering process is terminated. 
Any data in the Output Register will remain accessible (except in 
CFB mode). In CFB mode, the last byte of data must be read out 
before issuing the Stop command. 


In Direct Control Mode, the Stop command is implied when the 
Signal level on the AUXs-S/S input goes from High to Low (see 
Figure 3.8). 


Software Reset (99y) 


This command has the same effect as a hardware reset; it forces 
the DCP back to its default configuration, and all processing 
flags go inactive. In the default configuration the Mode 
Register is set to Electronic Code Book cipher type, and Dual 
Port Configuration with Master Port clear, Slave Port encrypted. 


3.4. PARITY CHECKING OF KEYS 


To enhance system security, the DCP provides no way to read back 
the keys. A parity check on each byte of key input guarantees 
the user that the key is entered correctly. 


Key bytes are considered to contain seven bits of key information 
and one parity bit. The parity checking circuit is enabled 
whenever a byte is written to one of three key registers. The 
output of the parity detection circuit is connected to pin PAR 
and the state of this pinis reflected in Status Register bit PAR 
(S3). Status Register bit PAR goes to "1" whenever a byte with 
even parity (an even number of "1s") is detected. In addition to 
the PAR bit, the Status Register has a Latched Parity Bit (LPAR, 
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S4) which is set to "1" whenever the Status Register PAR bit goes 
to. LL". Once set, the LPAR bit is not cleared until a reset 
occurs or a new Load Key command is issued. 


When an encrypted key is entered, the parity detect logic 
operates only after the decrypted key is avaiiable. The 
encrypted data is not checked for parity. The PAR signal will 
reflect the state of the decrypted bytes on a byte-to-byte basis, 
as they are clocked through the parity check logic on their way 
to the Key Register. Thus, the time PAR indicates the status of 
a byte of decrypted key data may be as short as four clock 
cycles. The LPAR bit in the Status Register will indicate if any 
erroneous bytes of key were entered. 


3.5. INITIALIZATION 


After power up the DCP must be reset in one of several possible 
ways. Under some conditions the DCP is reset automatically (e.g., 
aborting a command). 


Hardware Reset: 
Am9518/AmZ8068: MAS and MDS are Low simultaneously 
Am9568:3 MRD and MWR are Low simultaneously 


Figures 3.9 and 3.18 show the reset timings. Parameter 5 
specifies the minimum strobe widths; parameter 6 the hold time to 
the rising edge of the clock. The strobe width may be wider than 
specified by parameter 5. In this case the strobe has to meet 
only the set-up time (parameter 5 minus parameter 6) and hold 
time (parameter 6) to at least one rising edge of the clock. 
This means, for strobes wider than one clock period, the trailing 
edge does not have to be synchronized to the rising edge of the 
clock. 


Software Reset: 


The DCP can be reset by software in three ways: 


- Issue the Software Reset command (@@y)- 


- Load the Mode Register. 


- The DCP is reset by aborting any command, i.e., by entering 
any command before the previous command is completely 
executed or terminated. The abort does not destroy the Mode 
Register; it only resets the flags. 


A reset sets the Mode Register to the default value "14,."_ [It 
selects encryption, ECB mode, and dual port configuration with 
Master Port clear data and Slave Port encrypted data. The 
reserved bits of the Mode Register are read back as "ls". 
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Figure 3.10. Am9568 Clock and Reset 
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Figure 3.11. Am9518/AmZ8068 Reset Logic 
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Figure 3.12. Am9568 Reset Logic 
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Figures 3.11 and 3.12 show hardware reset circuits which 
guarantee that the strobes are synchronous to the rising edge of 
the clock. 


3.6. MULTIPLEXED CONTROL MODE 


This chapter describes in detail which steps must be executed to 
operate the DCP using ECB, CBC, and CFB in Multiplexed Control 
Mode. All the program sequences are set up for a Master Port-only 
configuration. The device at the Master Port handles both input 
and output data. To set the DCP up for pipelined operation, 
strobe in additional data after initializing the device and 
before entering the data transfer loop (see Chapter 3.9). 


For dual port configuration, the same basic program sequence can 
be executed, modifying only the data transfer session. Now the 
CPU handles either input or output data, so one transfer task 
must be removed from the command sequence. The high-speed 
peripheral connected to the Slave Port executes the remaining 
task. Data can be put in or read back concurrently. 


3.6.1. ECB OPERATION 
Figure 3.13 shows the program sequence. 


Step 1: A hardware or software reset clears all Status Register 
flags and sets the Mode Register to the default 
condition. 


Step 2: The Mode Register is loaded via the Master Port. The 
loaded value determines the port configuration, the mode 
of operation (ECB, CBC, or CFB) and encryption or 
decryption. For example, to enter clear data through the 
Slave Port and remove encrypted data from the Master 
Port using ECB mode for encryption, the Mode Register is 
loaded with 18, (see Chapter 3.2, "Mode Register"). 


Step 3: The clear encryption or decryption key can be loaded 
through either the Master Port or the Auxiliary Port. 
After entering the appropriate command, the Command 
Pending bit of the Status Register becomes active (High) 
until the entire 8-byte key is entered with the most 
Significant byte first. 


Step 3A: Step 3A and 3B can be performed as an alternative to 
Step 3. In these two steps, the keys are loaded in 
encrypted form. The Master Key Register has to be loaded 
first for decrypting encrypted keys. The appropriate 
command is "Load M Key Through Auxiliary Port" (9@,), 
When this command is entered, the Auxiliary Flag in the 
Status Register goes active High and the AFLG output pin 
goes Low. The DCP expects data input through the 


41 


RESET qi RESET 


LOAD 


zs MODE REG 


LOAD 
MODE REG 


ny 


LOAD 
M KEY 


ra) 
> 


LOAD 
LOAD CLEAR 
M KEY 3. E/D KEY 


> 


atte 


































LOAD TOAD 
3. CLEAR 3B | ENCRYPTED 
E/D KEY E/D KEY 
LOAD 
3B. ENCRYPTED 
E/D KEY 
LOAD 
— 
- 
‘ ENTER . 
"| START COMMAND LOAD 
3.1.B ENC. IV 
-. 4 one 
5 “| START COMMAND 
YES 
5, LNO~ ‘input FLAG 
ACTIVE 
; INPUT 2 
; DATA VES 
Y 
7. 
7 OUTPUT FLAG SSNO 
ACTIVE 
2 
‘ REMOVE YES 
; DATA 
. 
: DATA 
9. NO END OF 
9 SESSION 
? 
YES 
04862A-25 
04862A-24 
Figure 3.13. ECB Operation Flow Chart Figure 3.14. CBC Operation Flow Chart 


42 


Step 3B: 


Step 4: 


Step 5: 


Step 6: 


Step 7: 


Chapter 3 


Auxiliary Port. The Master Key is entered by strobing in 
eight bytes, one byte per Auxiliary Strobe (ASTB), most 
Significant byte first. 


The encrypted E or D Key can be loaded through the 
Master or Auxiliary Port. Chapter 3.3 lists the 
commands. 


The DCP recognizes three start commands: "Start 
Encryption", "Start Decryption" and "Start". The first 
commands set or reset the Encryption/Decryption bit of 
the Mode Register. If the "Start" command is issued, the 
Mode Register stays unchanged and the DCP is ready to 
process data according to the existing Mode Register bit 
configuration. 


After entering a Start command, the DCP indicates 
readiness for data input by activating the Input 
Register flag. Data then can be entered through the 
assigned input port. 


NOTE: Ports are assigned on a Clear or Encrypted text 
basis. In dual port configuration, a change from 
encryption to decryption reverses the data flow 
direction. The ports are reassigned; the former input 
port becomes now an output port and vice versa. This 
reflects the logical situation in most applications. A 
good example is a hard disk application: For data 
security the data is stored in encrypted form on the 
hard disk. When writing to the disk, the data is 
encrypted by flowing through the DCP to the disk 
controller. When reading back, the DCP is programmed for 
decryption mode, and the data flows in the reverse 
direction from the disk controller to the system memory. 


Two flags are associated with the data registers, the 
MFLG and the SFLG. For flag description see Chapter 3.1. 
These flags can be sensed by software or hardware. 
The CPU can monitor the bits of the Status Register by 
software; the two output pins can drive a Ready/Wait or 
DMA Request logic. Note that the Status Register bits 
are active High, whereas the flag output pins are active 
Low. 


Whenever the input flag is active, the DCP is ready to 
accept data. Data is transferred to the 64-bit Input 
Register one byte at a time, most significant byte 
first. When the Input Register is full (i.e., all eight 
bytes of data are entered) the input flag becomes 
inactive and the data is transferred via the internal 
bus to the algorithm unit. 


Whenever the output flag becomes active, data can be 
removed from the Output Register. 
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Step 8: Data is removed from the output port one byte at a time 
with the most significant byte first. The output flag 
becomes inactive when the eighth byte is removed, 
indicating that the transfer is complete. 


Step 9: Loop through Step 5 through 8 until the ciphering 
session should be terminated. 


Step 10: The session is terminated by issuing the "Stop" command. 
After termination, all remaining processed data will be 
available at the output port until the DCP is reset. 
Thus the "Stop" command can be issued after transferring 
the last input block. When all data is removed, all flag 
bits of the Status Register are inactive (@@y)- TO 
resume the ciphering session with the same parameters, 
issue a Start command as in Step 4 and proceed. 


Before restart, any data from the previous session must 
be removed or it will be lost. 


3.6.2. CBC OPERATION 


A flow chart of CBC Operation in Multiplexed Control Mode is 
given in Figure 3.14. The flow chart of Cipher Block Chaining is 
very Similar to ECB operation except that the IV Register must 
be loaded. The Initial Vector can be entered in clear (Step 3.1) 
Or encrypted form (Step 3.1A and 3.1B). Listed below are those 
steps which differ from the ECB instruction sequence: 


Step 3.1: Issue “Load Clear IV through Master Port™ command and 
strobe in 8 bytes of IV, most significant byte first. 
The Initial Vector can only be loaded through the 
Master Port to the address of the Input Register. 
After the command is issued the Command Pending bit 
in the Status Register becomes active for the 
following IV transfer. 


Step 3.1A: If the Initial Vector is entered in encrypted form, 
the vector is decrypted utilizing the D-Key before 
being loaded in the appropriate register. If the D-Key 
is not entered in Step 3, it must be entered now. 


Step 3.1B: Issue "Load Encrypted IV through Master Port" command 
and strobe 8 bytes of encrypted IV into the Input 
Register, most significant byte first. The DCP then 
decrypts this Initial Vector using the D-Key in ECB 
mode, and loads it into the IV Register. The bits of 
the Mode Register are not affected. This sequence 
works for entering the IV for encryption (IVE) and 
decryption (IVD). 


3.6.3. CFB OPERATION 


The flow chart for the instruction sequence in CFB mode is very 
Similar to the CBC mode. The DCP is programmable to execute 
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Single-byte CFB Operation. In CFB, the Input and Output Registers 
can hold only one byte each. 


The IV is ciphered by the algorithm unit. The result is then 
EXORed with the input byte which is treated as the most 
Significant byte. The EXOR result is loaded into the Output 
Register to be read out by the CPU and is also shifted into the 
current IV Register. The lower seven bytes of the result block 
are discarded (see Chapter 2.2.). 


The Output Register must be emptied in CFB mode before issuing a 
"Stop" command. The session can be resumed after stop by issuing 
"Start". 

If the user has to stop in the middle of a data block input (ECB 
or CBC) operation in Multiplexed Control Mode, the following 
instruction sequence should be used to avoid erroneous data: 

- Issue "Stop" command. 

- Read all output data available. 

- Reload the Mode Register. 


- Issue "Start" command. 


- Check for input flag active then resume data input. 


3.7. DIRECT CONTROL MODE 


The DCP operates in Direct Control Mode when the C/K input pin is 
High. The commands are issued by controlling the pins of the 
Auxiliary Port (see Chapter 3.1). The Mode Register cannot be 
accessed in Direct Control Mode. 


The state of the E/D and K/D pins should be held constant 
throughout the entire loading process. The state of S/S must be 
held constant throughout the entire data ciphering session. 


3.7.1. ECB OPERATION 


A flowchart of ECB operation in Direct Control Mode is shown in 
Figure 3.15. An explanation of each step is given below: 


Step l: It is advisable to have the C/K pin programmable if the 
DCP is intended to operate in Direct Control Mode. C/K 
must be pulled Low (Multiplexed Control Mode) to access 
the Mode and Master Key Register in the initialization 
phase. 
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Figure 3.15. Direct Control Mode ECB Operation 
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Figure 3.16. Direct Control Mode CBC/CFB Operation 
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C/K can be tied High permanently if the application 
requirement is the same as the default condition of the 
DCP. In the default condition, the Mode Register is set 
up for ECB encryption with Master Port assigned to clear 
data and Slave Port assigned to encrypted data. No 
session keys can be generated; only clear keys can a 
entered. The default condition may be achieved by __ 


hardware reset (applying a Low to MAS and HDe 
(Am9518/AmZ8068) or MRD and MWR (Am9568) simultaneously). 


If the default mode is not practical, switch to 
Multiplexed Control Mode and load the Mode Register. If 
necessary the Master Key Register can be loaded and 
session keys may be generated at this time. Then switch 
back to Direct Control Mode. 


A High on the K/D pin of the Auxiliary Port sets up the 
DCP for key entry. (s/s Stays Low for the entire key load 
process. A High at the E/D pin selects the E-Key load, a 
Low selects the D-Key load. The DCP responds by 
activating the CP output pin. As soon as CP becomes 
active, keys can be strobed into the Master Port by 
providing data write strobes. MCS must be Low. The 
control lines of the Auxiliary Port should be held 
steady throughout the entire load process. 


A "Start" command is entered by raising the S/S line. The 
level at E/D selects encryption (High) or decryption mode 
(Low). K/D has to be Low throughout the ciphering 
session. The DCP responds to the start command by 
activating the input port flag. S/S must be held steady 
during the ciphering session. For flag assignment 
information refer to Chapter 3.1. 


Whenever the input flag is active, data can be entered 
through the Master or Slave Port depending on the 
selected mode. To achieve the highest throughput, follow 
the notes given in Chapter 3.9 (pipelining). 


When the DCP has processed the data, the output flag will 
become active. Data may be removed from the output port 
when the flag is active. 


At the end of the ciphering session, issue a "Stop" 
command by pulling S/S Low. 
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3.7.2. CBC AND CFB OPERATION 


The instruction sequence to perform CBC or CFB operation in 
Direct Control Mode is similar to ECB operation. In these 
operation modes the C/K pin must be programmble, because the IV 
needed for CBC and CFB can only be loaded in Multiplexed Control 
Mode. 


Loading the encryption and decryption keys can be performed when 
C/K is Low (Multiplexed Control Mode) or High (Direct Control 
Mode). 


Figure 3.16 shows a flow chart. Do not issue a stop command if 
Busy (BSY) or Command Pending (CP) are active. 


In CFB operation, all output data must be removed from the Output 
Register before a stop command is entered. In this mode the user 
is limited to one session at a time. The DCP must be 
reinitialized before resuming the ciphering session. The steps 
are shown below: 

- Switch to Multiplexed Control Mode (C/K=Low). 

- Reload the Mode Register to previous configuration. 

- Switch back to Direct Control Mode (C/K=High). 

- Issue Start command. 

-~ Check for input flag active, then resume data input. 

If the DCP is stopped in the middle of a data block input, the 
following steps must be performed to avoid erroneous data and to 
resume operation: 

- Issue stop command. 

- Read all available output data. 

- Switch to Multiplexed Control Mode (C/K=Low). 

- Reload Mode Register. 

- Switch back to Direct Control Mode (C/K=High). 

- Issue Start command. 

- Check for input flag active, then resume data input. 

If the data error is detected before input to the DCP, an error 
Signal may be generated from the error detection logic to disable 
the input port data strobes. In this case the user does not need 
to switch out of Direct Control Mode. The input can be continued 


by enabling the input data strobes when correct data is 
available. 
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If the input data strobe is of the same frequency as the clock 
input and the user has to stop in the middle (less than 8 bytes) 
of an input block load, it is not possible to disable further 
data strobes by de-selecting the input port (Chip Select=High). 


3.8. OUTPUT FEEDBACK (OFB) AND ONE-BIT CIPHER FEEDBACK (CFB) 


Only the three operation modes that are implemented in the DCP 
have been discussed in the preceding chapters. Two other types of 
data ciphering modes recommended by the National Bureau of 
Standards are OFB and one-bit CFB. These modes of operation are 
explained in Chapter 2.2. 

The DCP can achieve 64-bit Output Feedback when the EXOR function 
is done by software. The DCP operates as a 64-bit pseudo random 
number generator. Figure 2.18 shows the data flow in this mode. 
The instruction sequence is: 

- Set up DCP for CBC operation. 

- Load Keys. 

- Load IV with 64-bit initial value. 

- Issue "Start Encryption". 

- Load Input Register with zeros (68). 

- Read Output Register. 


- EXOR DCP result vector with 64-bit data block by software to 
get the 64-bit encrypted block (ciphered text). 


- Jump to "Load Input Register" instruction. 

One-bit CFB may be performed by the DCP with supporting software. 
Each 64-bit cipher process generates one bit output information. 
The user must be aware that this implementation of one-bit CFB 
can be used in fairly low-speed applications only. The DCP is set 
up for ECB mode. The EXOR and the SHIFT functions are executed in 
software. The instruction sequence is given below: 

- Set up DCP for ECB. 

- Load Keys. 

- Issue "Start Encryption". 


- Load 64-bit Input Register with Initial Vector. 


~ Read 64-bit output. 
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- Take the most significant bit and EXOR it with the clear text. 
The output of the EXOR function is the ciphered text. 


-~ Also left-shift this bit into the Initial Vector for the next 
cycle. 


- Continue loading the Input Register with the Initial Vector. 


3.9. THROUGHPUT 


The highly pipelined architecture of the DCP allows simultaneous 
read, ciphering and write operation. For maximum throughput, the 
DCP must be programmed for dual port configuration. One port is 
the input port, the other is the output port. For single port 
configuration, the throughput is cut in half. 


Figure 3.18 shows detailed timing of the ciphering of one 64-bit 
block in ECB or CBC. The input process starts at clock g. It 
takes 8 clock periods to strobe in the entire block. One data 
strobe is issued for each clock period. Five clock cycles are 
needed to update the flags and transfer the input block from the 
Input Register to the algorithm unit. The algorithm unit starts 
ciphering concurrently with the transfer. After updating the 
flags, another input block may be entered. The block is ciphered 
18 clocks after loading the last byte. Transfer of the ciphered 
block to the Output Register and transfer of the next input block 
to the algorithm unit can be performed in parallel (see 
Pipelining Scheme A and B). The entire procedure of ciphering one 
block takes 39 clock periods. Because parts of this procedure can 
be overlayed, the DCP can process one block every 18 clocks. 


Pipelining 


Figure 3.17 shows a flow chart of the data entry and removal 
sequence for dual port configuration. After initialization, two 
data blocks are strobed into the device to fill the Output 
Register and the algorithm unit. Then blocks are strobed in and 
out concurrently. When terminating the session, the device must 
be emptied by reading out two more blocks. 


The DCP can also be operated in pipelined mode when in single 
port configuration. After initialization, one block of data is 
strobed into the device. Then, in a loop, one block is strobed in 
and one block is read out. The block strobed in before entering 
the loop is ciphered concurrently with the input of the second 
block. This guarantees that the user need not wait for the 
algorithm to perform encryption. The Master Port can be switched 
between input and outputs without Waits. 


Pipelining Scheme A (Figure 3.19) shows how to cipher a set of 
blocks in minimum time. The total time is (n + 1) * 18 + 3 clock 
periods where "n" is the number of blocks. Pipelining Scheme B 
(Figure 3.28) is slightly modified compared to Scheme A. The 
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Figure 3.18. Detailed Timing of 1 Block 
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Figure 3.19. Pipelining Scheme A. Minimum Timing Operation 
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Figure 3.20 Pipeline Scheme B: Synchronized Port Operation 
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total time is slightly longer. It takes (n + 1) * 18 + 8 clock 
periods to cipher "n" blocks. But it has the advantage that data 
is put in and removed simultaneously. One signal may strobe data 
in and out. The interface hardware might be simpler. 


To get the maximum throughput, block transfers must be executed 
in the 13-clock time slot between the update of flags. The 
examples in Figure 3.19 and 3.28 assume a transfer time of eight 
clock periods. 


Only Direct Control Mode designs using high-speed control logic 
can satisfy this requirement. Chapter 4.12 "High Speed Serial 
Data Ciphering in Network Systems" shows such a design. All other 
application interfaces drive the DCP in Multiplexed Control Mode. 
The data transfer capabilities of most microprocessor systems are 
lower than required by the DCP. Even a design with high speed DMA 
controller is not able to transfer 8 bytes of data in 8 clock 
cycles. 


When the system timing constrains the ciphering speed, this 
problem can be solved by putting a FIFO buffer between the system 
bus and the DCP. The system can thus operate asynchronously while 
the DCP operates at its optimum clock rate. The FIFO buffer also 
compensates for the time when no data can be transferred while 
the DCP updates flags. 


Under ideal circumstances the throughput can be calculated as: 


T = (f * 8) / 18 T = throughput 
f = clock rate 

Am9518: 
T = (3 MHz * 8) / 18 = 1.33 MByte/s 

AmZ8968 = 
T = (4 MHz * 8) / 18 = 1.78 MByte/s 

Am9568: 


To meet the minimum High and Low times of the read and write 
strobes, they cannot be issued every clock when operating at the 
maximum clock rate. The clock rate must be reduced to 3.33 MHz to 
have 388 ns strobe periods or strobes must be issued every other 
clock period. The throughput for both cases is determined below. 


T = (4 MHz * 8) / (2 * 8 + 5) = 1.52 MHz 


T = (3.33 MHz * 8) / 18 = 1.48 MHz 
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Figure 3.21 Key Transfer 
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3.10. KEY TRANSFER VIA THE COMMUNICATION LINK 


The system security can be enhanced by changing keys frequently. 
These periodically changed keys are called session keys. In 
order to update the DCP with the new session keys the keys have 
to be distributed. A convenient way to distribute keys is to use 
an already existing communication link between the DCPs. The 
system designer has to make sure that no eavesdropper gets 
knowledge of the new session keys. Therefore keys should be 
transmitted in encrypted form. 


The DCP has two commands and one special key to support key 
distribution. 


Commands: Encrypt with Master Key 
Load Encrypted Key 


Key: Master Key 
Figure 3.21 shows the operation sequence when distributing keys: 


Step 1: "A" generates a 56-bit session key, splits the key into 
eight 7-bit groups and adds a parity bit to each group. 
The result (a 64-bit word) is encrypted with the Master 
Key. Therefore, "A" issues the command "Encrypt with 
Master Key" and strobes the 64-bit result through the 
Master Port into the Input Register. The DCP encrypts 
the 64-bit word with the Master Key and ECB mode. The 
encrypted key can be removed from the Output Register 
via the Master Port. 


Step 2: "A" transmits the encrypted key via the communication 
link to "B". 


Step 3: "B" issues the command "Load Encrypted Key". The 
received encrypted key is strobed through the Master 
Port into the Input Register and decrypted with the 
Master Key. The Master Key of "B" must be identical to 
the Master Key of "A". After decryption the parity is 
checked and the decrypted key is loaded into the 
appropriate register. To enhance the system security 
"B" cannot read the decrypted key. 
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CHAPTER 4. INTERFACING 


This chapter contains interfaces between the DCP and the most 
common 8=-bit and 16-bit microprocessors. 


First, a look at the critical points in interfacing the DCP. 
Demultiplexed Systems: 


The DCP uses a multiplexed address/data bus which means that the 
system designer has to provide this kind of bus to the DCP. Ina 
non-multiplexed system environment the address and data bus are 
separated and not time-multiplexed. There are two basic solutions 
for simulating a multiplexed address/data bus. 


The interface logic multiplexes at least the two relevant lines 
(MP; and MP2) addressing an internal DCP register. Multiplexing 
the other lines (MPg, MP3 to MP7) 1s optional. 


The second solution simulates a multiplexed address/data bus 
under software control. The CPU can access the DCP to latch an 
internal register address (Address Latch Cycle) or to transfer 
data (Data Read or Write Cycle). These two kinds of accesses 
usually are distinguished by the address line "Ag", In the 
Address Latch Cycle, only an address strobe is generated to 
strobe in the internal register address supplied via the CPU data 
bus. In the Data Transfer Cycle, only data strobes are generated 
to actually read a formerly addressed register or to write to it. 
So the Address Latch process and the Data Transfer are totally 
independent from each other. 


The advantages of the second solution are that it usually takes 
less interface logic and that it is faster in most applications 
because there is no overhead in latching the address. The 
interfaces in Chapters 4.4, 4.6, 4.9 and 4.18 employ the second 
solution. A disadvantage of the second solution is a slight 
software overhead caused by the Address Latch Cycles. Once the 
DCP iS initialized for a data ciphering session, there iS no more 
need for Address Latch Cycles. During the high speed data 
ciphering session itself, only Data Transfer Cycles are executed. 


The first approach has advantages where multiplexing the two 
above mentioned lines causes no overhead in hardware and timing. 
The 1APX286 to Am9568 interface is an example. The multiplexing 
logic can be integrated into the existing PAL* (Programmable 
Array Logic) interface, and the multiplexing does not extend the 
Data Transfer Cycle. | 


*PAL 18 a registered trademark of and is used under license from 
Monolithic Memories, Inc. 
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Synchronization: 


One of the basic problems is to satisfy the required 
synchronization between the clock and data strobe. 


The DCP requires that the rising edge of data strobe fall into a 
certain window after the falling edge of the clock. This window 
is specified in timing parameter 45 of the Product Specification 
as listed below: 


Am9518: 6 - TWL - 100 ns 
Am9568: 0 - TWL - 85 ns 
AmZ8@68: @ —- TWL —- 65 ns 


TWL is the actual clock width (Low) of the interface. 
Several design techniques can guarantee this parameter. 


Some CPU's, for example the 8986 in Maximum Mode, have data 
strobe timing that inherently satisfies the DCP requirements. 
These interfaces do not need special synchronization logic. 


In asynchronous systems, the interface control logic usually 
buffers the data strobe and can easily synchronize it to the 
clock. PAL devices with registered outputs clocked by the DCP 
clock simplify this task (Chapter 4.19). 


Another, sometimes Simpler, approach is to make use of the clock 
Low width dependent specification by delaying the first rising 
edge of clock following data strobe (Chapter 4.4). 

Address Strobe: 


The three members of the DCP family have different specifications 
for the address strobe width: 


Am9518 : 115 ns 
AmZ8068: 88 ns 
Am9568 : 49 ns 


The Am9568 should be used in systems with narrow address strobes 
(e.g., 8886 CPU at 8 MHz). 


Read/Write: 


The Am9518 and AmZ8@68 require a set-up time of 190@ ns to data 
strobe. The Am9568 does not have this specification because of 
its functionally different bus interface. Read/Write and data 
strobe are replaced by write strobe and read strobe. The Am9568, 
therefore, has advantages in applications where it is difficult 
to satisfy the read/write set-up time. 


58 


Chapter 4 


PAL Devices: 


Many of the following applications employ PAL devices to 
integrate the entire interface logic into one 2@-pin device. 
Registered PAL devices like the AmPAL16R4 have registered and 
combinatorial outputs which enable the designer to build up small 
state machines for the interface handshake. An asynchronous bus, 
such as the iSBX* bus, can easily be adapted to the synchronous 
requirements of the DCP. 


A PAL device is a semi-custom device that is supported by 
computer-aided-design tools like the PAL assembler. All 
interfaces described in this book that employ PAL devices have a 
complete listing of the PAL design specification program, the 
input of the PAL assembler. Each program consists of five 
sections as described below: 


1) The first four lines of the PAL Design Specification list the 
PAL part number, the user's internal part number, the date, 
the designer's name, the device application name, and the 
company name and address. 


2) The pin-list gives the symbolic names used for the inputs’ and 
outputs in the order of pin 1 to pin 2@. Active Low signals 
are preceded by "/", a symbol used instead of a "bar". 


3) The equations are the heart of the program. They define the 
conditions under which the outputs become active. 


4) The function table is a powerful tool to test the correctness 
of the equations. The designer specifies the signals to be 
supplied to the inputs and to be seen at the outputs. In the 
Simulation pass, the PAL assembler verifies whether the 
function table corresponds to the equations. This pass 
detects the most common errors (typing errors and signal 
inversions) and checks for logical errors. Each line of the 
function table represents a test vector containing inputs 
and outputs. The states are defined by characters as 
specified below: 


Low 

High 

Clock registered outputs 
Don't care 


Input: 


“~Q m0 


Output: Low expected 
High expected 
High impedance expected 


Don't test 


aN oe 


5) The description documents the operation of the device and its 
intended application. 


*iSBX is a trademark of Intel Corporation. 
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Figure 4.1. Direct Interface 8086-Am9568 (Maximum Mode) 
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Figure 4.2. Direct Interface 8086-Am9568 (Minimum Mode) 
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Figure 4.3. Direct Interface 8086-Am9518/AmZ8068 (Maximum Mode) 
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4.1. 8686/8688 — Am9518/AmZ8968/Am9568 


Interfacing the DCP family to 89886 or its 8-bit bus equivalent, 
the 8088, is straightforward. 


In systems with CPU clock rates up to 3 MHz, the Am9568 can be 
directly interfaced to the CPU (Figures 4.1 and 4.2). The clock 
rate is limited to 3 MHz because of the 33%/66% duty cycle (33% 
High, 66% Low) of the CPU clock and to satisfy the minimum clock 
High time of 115 ns of the Am9568. The second critical parameter 
is the relationship between the clock and data strobe. The Am9568 
requires a delay of the rising edge of MRD or MWR to the falling 
edge of the clock of 89 - TWL - 85 ns. TWL is the clock Low width. 
In this interface the minimum clock Low width is 207 ns. This 
determines a maximum delay of up to 122 ns. The CPU is specified 
to have a "Control Active Delay" of 18 to 119 ns. With a margin 
of 12 ns, it is obviously impossible to increase the system clock 
by modifying its duty cycle. 


Figures 4.3 and 4.4 show a Similar interface using the Am9518 and 
the AmZ8968. This interface needs additional logic to convert 
the read or write strobes into a Read/Write (R/W) and a Data 
Strobe (MDS) and to invert the Address Latch Enable to generate 
a Master Port Address Strobe (MAS). Similar to the interface 
discussed above, the clock rate is limited by the clock Low and 
High widths and the requirements of the DCP. The Am9518 needs a 
minimum clock High width of 15@ ns determining a maximum clock 
rate of 2.3 MHz. The minimum clock Low width of 275 ns and the 
DCP specification of 9 - TWL - 108 ns provides a margin of 
275 ns - 118 ns - 100 ns = 65 ns. 


The AmZ8068 requires a minimum clock High width of 115 ns, 
resulting in the same maximum clock rate as in interfacing to the 
Am9568 (3 MHz). The specification about the synchronization of 
clock and data strobe is less critical in this interface 
(9 - TWL - 65 ns) so the margin becomes 32 ns. 


An 8086/8888 system with clock rates larger than the rates 
mentioned above requires more sophisticated interface logic: the 
DCP clock must not exceed 4 MHz (3 MHz for the Am9518), the 
Address Strobe width has to be satisfied, and the data strobes 
must be synchronous to the clock. The case in which the DCP clock 
is divided down by two from the CPU clock is discussed below. 


An application where the DCP runs asynchronously from. the 
8886 clock is not discussed here. Ideas can be taken from the 
Chapter 4.18 iSBX Bus to Am9568 interface. 


8986/8988 — Am9518/AmZ8968 (Figures 4.5 and 4.6) 


The Control/Key Mode input (C/K) is wired Low to select the 
Multiplexed Control Mode. In this mode the address to the 


internal registers of the DCP,. MP1 and MP2, is multiplexed with 
the data byte on the eight bidirectional lines of the Master 
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Figure 4.4. Direct Interface 8086-Am9518/AmZ8068 (Minimum Mode) 
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Figure 4.5. 8086/8088-Am9518/AmZ8068 Interface (Minimum Mode) 
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Port bus. MP) and MP9 are latchedon the rising edge of MAS 
(Master Port Address Strobe), to select the internal 
register for subsequent data transfer cycles. 


MAS is the inverted Address Latch Enable of the 8086 bus. The 
state of MCS (Master Port Chip Select) is also latched at the 
rising edge of MAS. In the Minimum Mode of the 8886 (MN/MX=High) 
MCS may only go Low during Input/Output cycles (M/IO=Low); 
therefore, M/IO enables the address decoder in Minimum Mode. 


The Read/Write input (MR/W) is connected to Data Transmit/Receive 
(DT/R). DT/R satisfies the set-up and hold time requirements of 
MR/W. 


Master Port Data Strobe (MDS) is active if either Input/Output 
Read Control (IORC) or Advanced Input/Output Write Control 
(AIOWC) are active. The AIOWC has a wider Low width than IOWC 
(Input/Output Write Control) and so gives a wider margin in 
interfacing. 


In Minimum Mode (Figure 4.5), RD and WR are logical ORed to 
generate MDS. The timing is the same as in Maximum Mode. 


8986/8688 -—- Am9568 (Figure 4.7) 


CPU clock rates above 4.44 MHz (above 5.8 MHz for the AmZ8968) 
require use of the Am9568 instead of the Am9518, because TWA 
(Master Port Address Strobe width) becomes critical with 
increased clock rate, as shown below: 


Am9518 3: TWA = 115 ns 
AmZ8@68 : TWA = 8@ nS 
Am9568 3: TWA = 40 ns 
8086/8088 : TLHLL = 115 ns at 4.44 MHz 
8986/8088 : TLHLL = 8080 ns at 5.80 MHz 
8086/8088 : TLHLL = 48 ns at 8.00 MHz 


TLHLL is the Address Latch Enable width (ALE) of the 8@86. 


For CPU clock rates above 7 MHz, one Wait state has to be 
inserted during Control Register Reads (timing parameter 44). 


Note: In the interfaces shown, the number of Wait states must 
be the same for all read or write accesses to the DCP, 
because the Clock Synchronizer is designed for either an 
even or an odd number of Wait states. 
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Figure 4.6. 8086/8088-Am9518/AmZ8068 Interface (No Wait State) 
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Clock Synchronization 


Avery important factor in designing the interface to the 8986 is 
that the rising edge of MDS must be synchronous to the falling 
edge of the DCP clock (timing parameter 45). 


In a system where the DCP runs at a divided system clock, a clock 


synchronizer is required. Without a synchronizer’ the rising 
edge of the Data Strobes (MDS, MRD and MWR) would be synchronous 
to either the falling or rising edge of the divided 


clock. Two simple Clock Synchronizers are used in these 
interfaces; one is designed for an even number, the other is 
designed for an oddnumber of Wait states. The DCP clock is 
synchronized to the Data Strobes at the falling edge of the CPU 
clock at the end of the CPU cycle Tl (Figures 4.8 and 4.9). At 
this edge, the state of the DCP clock is forced to a Low (CLK 
SYNC A in Figure 4.8) or to a High (CLK SYNC B in Figure 4.9), 
depending on the number of Wait states inserted. DCP CLK 1 and 2 
show the two possible phases of the DCP clock and how the Clock 
Synchronizer adjusts the phase. 


Data Ciphering Speed 


The data ciphering speed of the DCPis limited by the byte 
transfer capability of the 8@86 bus. A high-performance DMA like 
the AM9516 increases the throughput as shown in the following 
table: 


8886 clock DMA clock DCP clock N | T 

8 MHz 4 MHz 4 MHz 36 0.78 MByte/s 
6 MHz 6 MHz 3 MHz 18 1.85 MByte/s 
8 MHz no DMA 4 MHz 7@ @.42 MByte/s 


The formula for calculating the throughput is: 
T = (8 * £) / (N + 5) MByte/s 
T = Throughput in MByte/s 
N = Number of aed cycles per 8 byte transfer 
5 = Internal operation time (5 clocks per block) 
f = DCP clock in MHz 
8 = 8 data bytes per block 
The first two cases in the table above are fast enough to encrypt 


and decrypt the data transferred to or from a 5 1/4-inch 
Winchester Disk Controller "on the fly" (5 MBit/s=@9.625 MByte/s). 
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Figure 4.8. DCP CLK Synchronization Timing (No Wait States, CLK SYNC A) 
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Figure 4.9. DCP CLK Synchronization Timing (1 Wait State, CLK SYNC B) 
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Testing 


The interface of Figures 4.6 and 4.7 and both Clock Synchronizers 
were built and tested using the software described below. 


The DCP is reset by software writing "98," to the Command 
Register. 


The ciphering mode is selected by writing "18," into the Mode 
Register. Here the mode is: Master Port-only configuration, 
Electronic Code Book (ECB) and Encryption. 


The Clear Encryption key is loaded through the Master Port 
by issuing the command "ll,", After the command is entered, the 
Status Register content is read out. Only the Command Pending 
bit should be set (46,,). If other bits are set, the program 
sets the error flag "CODE" to FFy and terminates. If the 
status is correct, eight bytes of key are strobed in through 
the Master Port in eight output instructions. The Key is 
"899190190191919181,",. The most significant byte is loaded 
first. 


The status of the DCP is checked, the Command Pending bit and 
the parity error bits should be reset (@@y)- 


The encryption is started by entering the command "Start 
Encryption" (414). 


One block of data (8 bytes) is strobed into the Master Port. 
The source is the byte string "PLAIN". In this example, the 
plain text is: "OGBDGBOOGGOOGGOG,.". 


Loop3 is executed until the Busy bit of the Status Register 
shows the encryption is done. 


One block of ciphered data is read out of the Master Port and 


transferred to the program location "CIPHER". The ciphered 
text should be: "95A8D72813DAA94D,.", 


The Status Register is checked; only the Start Entered bit 
Should be set (88,4), 


The encryption session is stopped by issuing the command "Stop 
Encryption" (E@y)- 


After that the status should be 609,,; all flags are reset. 


The program can be used to decrypt data, if two program locations 
are changed: 


The "Enter Key" command of location 9118, has to be changed to 
12, ("Load Clear D-Key Through Master Port"). 


The Start Command of location 613ly has to be changed to 404 
("Start Decryption"). 
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After running the program, the error flag in "CODE" should be 
reset (0@y)- 


This test was performed to verify the communication between the 
8886 and the DCP. By providing clear and encrypted data for the 
key shown, users should be able to verify operation of any 
variation to the design. The software was kept simple to avoid 
dependence on other hardware in the system. 
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ASM86 VER 1.80 SOURCE: APPL8868.ASM 


ee ee ee ee ee rm ee me cee ee eee ee te ee eee ee eee ee ee eee ee ee ome ee ee we ee ee te ae ee eee ee ee oe es ee oe 


+> 

’ JUERGEN STELBRINK 4-12-83 
, ADVANCED MICRO DEVICES 

; 
’ 
; 


8886 TO AM9518 (AMZ8868) INTERFACE TEST PROGRAM 


a 
FCOG MPSEL EQU OFCOOH ; BASE ADDRESS OF MASTER PORT 
FC82 MPCOM EQU MPSEL+2 7 COMMAND REGISTER (WRITE ONLY) 
FC@2 MPSTAT EQU MPSEL+2 7 STATUS REGISTER (READ ONLY) 
FC@6 MPMODE EQU MPSEL+6 7 MODE REGISTER (READ AND WRITE) 
FCOGD MPINP EQU MPSEL ; INPUT REGISTER (WRITE ONLY) 
FCOO MPOUT EQU MPSEL , OUTPUT REGISTER (READ ONLY) 
0918 ECB EQU 18H 7 ENCRYPT, MP ONLY, ECB 
888d KEY1 EQU 80H ; KEY: 8091019180190190191H 
OOG1 KEY2 EQU 81H 
tf 
ORG 19@H 
s 

8108 BA @2 FC BEGIN: MOV DX ,MPCOM ; DX: POINTER TO PORT ADDRESS 
8193 BO BB MOV AL,9 ; SOFTWARE RESET 
0105 EE OUT DX,AL 

s 
91G6 BA @6 FC MOV DX ,MPMODE 
8189 BO 18 MOV AL, ECB ; SELECT MODE 
G19B EE OUT DX,AL 

’ 
G19C BA 62 FC MOV DX ,MPCOM 
G19F B@ 1l MOV AL,11H ; LOAD CLEAR E-KEY THROUGH MP 
@111 EE . OUT DX,AL 

oA 
9112 BA 92 FC MOV DX,MPSTAT 
8115 EC IN AL ,DX 7 READ STATUS 
0116 3C 486 CMP AL, 40H ; 48= CP SET 
8118 75 5F JNE ‘ERROR 

, 
G11A BO 89 MOV AL, KEY1 ; LOAD 1. KEY BYTE 
911C BA @@ FC MOV DX,MPINP 
@11F EE OUT DX,AL ; OUTPUT 1. KEY BYTE 
6128 BY O7 B@ MOV CX,7 ; LOAD COUNTER FOR NEXT 7 BYTES KEY 
8123 BO @1 MOV AL,KEY2 ; FOLLOWING KEY DATA 
0125 EE LOOP1: OUT DX,AL 
0126 E2 FD LOOP LOOPL 
$ ’ 
8128 BA @2 FC MOV DX,MPSTAT 
812B EC IN AL ,DX ; READ STATUS 
812C 3C BB CMP AL,@ ; FLAGS RESET? 
G812E 75 49 JNE ERROR 

g 
813@ BA @2 FC MOV DX ,MPCOM 
8133 BO 41 MOV AL,41H ; START ENCRIPTION 
8135 EE OUT DX,AL 

, 
8136 BO G8 BB MOV CX,8 ; 8 BYTES (1 BLOCK) OUTPUT 
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8139 
813C 
G13F 
9144 
8145 
G146 


8148 
G14B 
B14C 
G14E 


8159 
8153 
6156 
8159 
B15A 
G15F 
8160 


8162 
8165 
8166 
6168 


G16A 
816D 
G16F 


8170 
8173 
0174 
8176 
8178 


8179 
G17B 
G17F 


8180 
0181 


0189 


END OF 


BB 60 
BA 8@ 
2E 8A 
E2 F7 
BA 62 


24 20 
75 FB 


BY 98 
BB @@ 
BA 6G 
2E 88 
E2 F7 
BA 82 


3C 88 
75 OF 


BA @2 
BS EG 
BA G2 
3C 86 
75 @1 


BO FF 
2E A2 


88 BB 


L223 
78 89 


SOURCE: 


8B 


87 81 91 


FC 


8B 
FC 


87 89 @1 


FC 


FC 


Be 


88 G1 


LOOP2: 


=e 


LOOP3: 


=e 


LOOP4: 


=e 


=e 


=e 


7 
ERROR: 


; 
CODE 


68 68 OB BB PLAIN 


34 45 56 67 CIPHER 


° 
td 


APPL8068.ASM 


MOV 
MOV 
MOV 
INC 
OUT 
LOOP 


MOV 
IN 

AND 
JNZ 


MOV 
MOV 
MOV 
IN 
MOV 
INC 
LOOP 


MOV 
IN 

CMP 
JNE 


MOV 
MOV 
OUT 
MOV 
CMP 
JNE 
RET 
MOV 
MOV 
RET 


DB 
DB 


DB 


END 


ASSEMBLY. NUMBER OF ERRORS: 


BX,@ 


DX,MPINP 


AL, PLAIN[BX] 


BX 
DX,AL 
LOOP2 


DX,MPSTAT 


AL,DX 
AL,20H 
LOOP3 


CX,8 
BX ,@ 


DX ,MPOUT 


AL,DX 


CIPHER[BX] , AL 


=e ue NO 


=e 68 


=e Gs 


=e te SO 


INITIALIZE POINTER 


LOAD DATA 
INCREMENT POINTER 
WRITE PLAIN DATA 


WAIT UNTIL ENCRYPTION IS DONE 
TEST BUSY BIT 


8 BYTES (1 BLOCK) INPUT 
INITIALIZE POINTER 


READ ENCRYPTED DATA 
STORE DATA 


BX INCREMENT POINTER 

LOOP4 

DX,MPSTAT 

AL,DX , TEST STATUS REGISTER 
AL,8@H ; 8@= START ENTERED 

ERROR 

DX ,MPCOM 

AL,@E@H 7 STOP ENCRYPTION 

DX,AL 

DX ,MPSTAT 

AL,DX ; TEST STATUS REGISTER 

AL, @ ; ALL BITS MUST BE RESET 
ERROR 

AL, @FFH ; LOAD ERROR CODE 

CODE,AL 

OOH ; ERROR CODE 
00H,G9OH,O00H,GGH,O9H,88H,O0H, 00H ; PLAIN TEXT 
12H,23H,34H,45H,56H,67H, 78H, 89H ; CIPHER TEXT 


G 
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4.2. iAPX186 — AmZ80668 


The iAPX186 can operate in two basic modes: Minimum Mode or 
Maximum Mode. In Maximum Mode the 8288 Bus Controller provides 
command and control timing. Refer to Chapter 4.1 for examples of 
this type of interface. 


In Minimum Mode the bus timing of the iAPX186 is slightly 
different from the 8886 bus timing. Figure 4.18 shows’ the 
interface logic. The maximum clock rate for the DCP is 4 MHz, 
resulting in a maximum CPU clock rate of 8 MHz. No Wait states 
are required. 


An AmZ89@68 must be used in this application because of the wider 
range in delay time from clock to the read or write control 
Signal delay with respect to the clock. This parameter is 
specified for the iAPX186 as 18 to 55 ns. The AmZ8@68 requires a 
delay of @ to 58 ns at 4 MHz, the Am9568 9 to 39 ns at 4 MHz. 
Because of two delays in the clock path (Inverter and D- 
Flip-Flop) and only one delay in the control signal path (AND 
gate), the timing tolerance of these signals at the DCP is 
decreased to @ to 45 ns. 


At lower CPU clock rates the timing is less critical because the 
specified time relationship between clock and data strobe becomes 
wider (timing parameter 45 of the data sheet). 


The maximum clock for operating without a Wait state can be 
calculated like this: The RD width is specified as 2 * TCLCL - 
5@ ns for the iAPX186. The WR width is 2 * TCLCL - 48 ns. The 
smaller RD width is used for the calculation. At an 8-MHz 
clock, the 186 generates an RD signal 208 ns wide. The AmZ8968 
requires a minimum data strobe width of 280 ns for a Status 
Register access. The system can, therefore, operate up to this 
clock rate without a Wait state. 


The Clock Synchronizer in Figure 4.18 is the same as Clock 
Synchronizer Ain Figure 4.5. Figure 4.11 illustrates how this 
logic synchronizes the data strobe to the clock. DCP CLK(1) and 
DCP CLK(2) show the possible phases of the CPU clock before 
synchronization. At the end of cycle Tl the clock is 
synchronized. No Wait state is allowed when accessing the DCP. 
(An odd number of Wait states would synchronize the data strobe 
to the wrong edge of the clock.) 
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ADDR/DATAo-7 


AmZ8068 


iAPX186 


CLK 


CLK OUT 





04862A-42 


CLK OUT 





ALE 


Qi | | | 
DCP CLK (2)* | | | | | | | 
RD/WR | | 


*DCP CLK (1) AND (2) SHOW TWO PHASES OF DCP CLK 





04862A-43 


Figure 4.11. DCP CLK Synchronization Timing (No Wait States) 
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4.3. iAPX286 — Am9568 


This chapter shows an iAPX286 (88286) to Am9568 interface (Figure 
4.12). The Am9568 is chosen because of the narrower width of 
address strobe. The address strobe width of a 8—-MHz CPU is about 
68 ns. This interface is designed for an 8-MHz CPU where the 
DCP is synchronously operating at the maximum clock rate of 4 
MHZ. 


The Interface 


The Multibus* Mode Select input of the Bus Controller 82288 is 
tied Low to optimize the command and control signals for short 
bus cycles. The Command Delay (CMDLY) becomes active High for 
one 16-MHz clock cycle whenever the DCP is selected to delay the 
Read and Write strobes by 125 ns. This satisfies the timing 
requirement of the minimum delay between ALE inactive and Read 
or Write strobe active of the DCP. An open collector gate must 
be added to allow other peripherals to drive this input. 


The ALE, IORC and IOWC outputs of the 82288 are wired directly 
to the DCP. ALE strobes a D-Flip-Flop to store the state of Chip 
Select for the whole cycle. 


Q3 and the latched Chip Select CSL are ANDed externally to 
generate the Synchronous Ready for the 82284. The 82284 samples 
the line at the falling edge of the clock. The registered 
output Q3 is clocked with the rising edge of the same clock, 
thus satisfying the set-up and hold time requirements of the 
82284. Two Wait States are inserted. 


Half of the PAL device operates aS a bidirectional Address/Data 
Multiplexer. During the Address Latch Enable active phase, 


the state of A, and Az is transferred to the AD and AD? pin of 
the PAL device. The DCP latches this two-bit address with the 


falling edge of ALE. 


When IORC and CSL are active, the states of AD, and AD> are 
passed to Dj, and Dy respectively. The DCP Register can be read. 
If ITOWC and CSL are active, the data path is turned around; Dj, 
and D2 are inputs, AD] and AD2 are outputs. 


The address hold time of the PAL device is sufficient, because 
the address information is passed to AD, and AD) whenever 
ITORC*CSL or IOWC*CSL are not true, i.e. whenever data is not 
transferred between the CPU and the DCP. 


The read data hold time requirement of 5 ns of the Am9568 is 
satisfied by the propagation delay of the PAL device. 


The read data hold time requirement of 5 ns of the iAPX286 is 
also satisfied by the PAL device. 


*MULTIBUS is a registered trademark of Intel Corporation. 
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CLK 


PCLK 


ALE 


CMDLY 


lORCHOWC 


Qa 


Q3 


CSL 


DATA (READ) 


DATA (WRITE) 


ADDRESS 


iAPX286 





MPo-MP7 


MCS 


D1,D2 ADi, AD2 


A2 
Ai At 


M/IO 

a 
AmPAL16R4 
ADDR 


82284 


SRDY 


SRDYEN 








Figure 4.12. iAPX286-Am9568 Interface 
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SSOP CCCCE EEE COCCCCRCCCNE 
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Figure 4.13. Timing Diagram 
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The Master Port Chip Select (MCS) input of the DCP is connected 
to the unlatched address decoder output. 


The DCP Clock 


The PAL device synchronizes the DCP clock to the data strobes 
IORC and IOWC (Figure 4.13). It also divides the 16-MHz system 
clock (8-MHz CPU clock) down to the maximum DCP clock rate of 
4 MHz. At this clock rate the data strobe delay to the DCP clock 
must be @ to 38 ns. The Bus Controller is specified to generate 
a data strobe timing of 3 to 15 ns to the falling edge of CLK 
(16 MHz). Because of the higher propagation delay of a standard 
PAL device, the registered outputs are toggled at the rising 
edge of CLK before the data strobes become inactive. This 
gives additional 32.5 ns for the DCP clock signal path. 








to are three outputs of the PAL state machine. The 
Sees output are clocked with the rising edge of the 16-MHz 
82284 clock. Whenever ALE and CS are active, Q} to Q3 are set to 
the initial state. Q1 to Q3 are outputs of a 3- bit down 
counter, with Q3 as the most significant bit. 


Q3 is used. to generate the SRDY signal for the 82284 as 
mentioned above. 


Q5 is the DCP clock. This design must guarantee that the minimum 
DCP clock High or Low time is at least 115 ns or two 16-MHz clock 
cycles. This is done by toggling Q5 only during phase 2 cycles 
of the CPU. The CPU design guarantees that there is always a 
phase 1 cycle between two phase 2 cycles. 


Assuming a typical PAL propagation delay of 25 ns, timing 
parameter TCDS (Time Clock Data Strobe) is 18.5 to 22.5 ns (3 + 
32.5 - 25 ns to 15 + 32.5 - 25 ns). It satisfied the required @ 
to 30 ns. 


The AmPALI6R4 has active Low outputs. But one output, Qo, should 
be active High. The equation for Q92 was derived to be 


Qo = ALE * CS + Q] * Qo + Q] * Qo 


To compensate for the inversion in the PAL device either 
de Morgan Theorem or Karnaugh-Veitch diagrams can be used to 
convert it to the form shown in the PAL Design Specification. 


Improvements 


The DCP needs two Wait states only when the Control Registers are 
read. Data Register read or writes and Control Register writes 
can be executed with only one Wait state, which improves’ the 
Data Ciphering speed of this interface. The more sophisticated 
Wait control logic and the two external TTL gates can be 
integrated into one AmPAL22V1@ device. 
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PAL16R4 | PAL DESIGN SPECIFICATION 
DCPG43 JUERGEN STELBRINK 8-23-83 
iAPX286 — Am9568 (DCP) INTERFACE DEVICE 

ADVANCED MICRO DEVICES 


CLK /CS CSL ALE /IORC /IOWC Al A2 NC GND 

JOE Dl D2 = /Q1 Q2 /Q3 CMDLY AD1l AD2  vcc 

Ql := ALE*CS + /Q1 

/Q2 2= Q1*/Q2*/ALE + Q1*/Q2*/CS + /Q1*Q2*/ALE + /Q1*Q2*/CS 

Q3 2= ALE*CS + Q1*Q2*Q3 + /Q1*0O2*Q3 + Q1*/0Q2*Q3 + /Q1*/Q2*/Q3 
/CMDLY := /ALE+/CS 

IF(CSL*IORC) /D1l = /ADI1 


IF(CSL*IORC) /D2 


/AD2 


IF(CSL*/IORC) /AD1 /AL*ALE + /D1*/ALE 


IF (CSL*/IORC) /AD2 


/A2* ALE + /D2*/ALE 


FUNCTION TABLE 


CLK /CS CSL ALE /IORC Al A2 Dl D2 ADI AD2 /Q1 /Q2 /Q3 CMDLY 


; 7 Cc 
j I M 
7C f €£ A O A A J { sf D 
,; L C S L R A A D D D_ OD Qo Qd@ Q L 
; K S L E C i 2 2. 2 a 2 t we 3: x COMMENT 
a 
C L H H H L LG 4 4 GL L GL GL H;1 (/CS ACTIVE) 
X L H H 4H L H 4 4 UL HH L GL GL H 
X GL H H 4H H H 24 4 H 4H L G&G GL &H 
C GL H GL &H H L GL aH OU 4H H L L Lj; 2 (WRITE CYCLE) 
X H H L FL L “Lb HAH GL 4H H L L OL ; (READ CYCLE) 
C H H BL L H L L HH OL 4H L H L L #3 3 
C H H FL L H L ~L GL LoL H H L Lj; 4 
C H H FL OL H GL H H 4H 4H L LG H LL; 5 
C H H L 4H H GL H H 4H 4H H L H Lj; 6 
C H H UL 4H H ~L & G&G EL tL L H H Lj; 7 
C H H L 4H H GL H LG HH OL H H H Ly; 8 
0 
C H L H 4H Xx X 424 4 4 4G L LG LG Gz l (NO /CS) 


mn ee cum eS SD GED AE Ge aeEe ee cm qm qe ee com eee eee aoe eeP cee aD aD SSS GE com aD cD oD ce ae ae ame eee eee ow a ce om GD Ge GE ee ae) cle GS au ame HE ED ED one aD GE GES can aE Gee a ae aD ct au cu 
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DESCRIPTION: 


INPUT SIGNALS: 


CLK 


/CS 


CSL 


ALE 


Al,A2 


/TORC 


/ TOWC 


16 MHZ SYSTEM CLOCK OF THE 82284 SYSTEM TIMING CONTROLLER. 
THIS CLOCKS TRIGGERS THE D-FLIP-FLOPS OF FOUR PAL OUTPUTS 


ACTIVE LOW UNLATCHED CHIP SELECT OF THE ADDRESS DECODER 


ACTIVE HIGH LATCHED CHIP SELECT. IT HAS TO BE ACTIVE TO THE 
RISING EDGE OF ALE OF THE NEXT CYCLE 


ADDRESS LATCH ENABLE OF THE 82288 BUS CONTROLLER 


DEMULTIPLEXED ADDRESS INPUTS. THEY CARRY THE 2-BIT REGISTER 
ADDRESS FOR THE DCP 


INPUT/OUTPUT READ CONTROL OF THE 82288 


INPUT/OUTPUT WRITE CONTROL OF THE 82288 


OUTPUT SIGNALS: 


/Ql 


/Q2 


/Q3 


CMDLY 


INTERNAL STATE SIGNAL. IT IS DIVIDED BY TWO FROM CLK AND 
SYNCHRONIZED TO ALE 


INTERNAL STATE SIGNAL. IT IS DIVIDED BY TWO FROM /Q1 AND 
SYNCHRONIZED TO ALE. IT IS THE INVERTED DCP CLOCK (4MHZ). 
THE RIGHT EDGE OF Q2 IS SYNCHRONOUS TO THE DATA STROBES 
/IORC AND /IOWC, IF TWO WAIT STATES ARE INSERTED. 


INTERNAL STATE SIGNAL. IT IS DIVIDED BY TWO FROM /Q2 AND 
SYNCHRONIZED TO ALE. IT IS USED TO GENERATE THE SYNCHRONOUS 
READY (/SRDY) FOR THE 82284. EXTERNALLY IT HAS TO BE 
LOGICALLY AND'ED WITH THE THE LATCHED CHIP SELECT (CSL). 


COMMAND DELAY GOES ACTIVE FOR ONE CLOCK WIDTH TO DELAY THE 
DATA STROBES. THE AM9568 REQUIRES A DELAY BETWEEN ALE 
INACTIVE AND DATA STROBE ACTIVE. 


BIDIRECTIONAL SIGNALS: 


D1,D2 


DEMULTIPLEXED DATA BUS LINES TO 8886 CPU 


AD1,AD2 MULTIPLEXED ADDRESS/DATA BUS LINES FOR THE DCP 
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PROM, 
COMPARATOR, 
OR OTHER 
DECODER 


AmZ8068 





04862A-46 


Figure 4.14. AmZ8068 to 68000 Connection Using a PAL 


So $1 S2 S3 S4 $5 S6 $7 So Si S2 
TS T\ 


CLK 
Asche C— VALID ADDRESS / 
LDS, MAS 


porcuk XX \ X xX xX \ X 


DTACK1, 2 “a 


04862A-47 


Figure 4.15. 68000—AmZ8068 Address Latch Cycle (A; = Low) 
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4.4. 68000 -— AmZ8968 


This two-chip solution adds high-speed data ciphering to a 6890@- 
based system. About 500 kByte/s are possible in a CPU-controlled 
transfer. The ciphering rate can be increased with a 
sophisticated DMA controller or with several DCPS operating in 
parallel. 


In the application described below, the CPU operates at 8 MHz and 
the DCP operates synchronously at 4 MHz. The interface 
controller, a PAL device, generates the Address and Data 
Strobes for the DCP and the Data Acknowledge for the CPU. It 
also divides the CPU clock by two and synchronizes it to the Data 
Strobes. 


Programming 


Data transfers between the CPU and the DCP are accomplished by a 
two-cycle operation. First the address of an internal register 
is latched in, then the data is transferred. This causes a small 
overhead in the initialization phase, but improves the ciphering 
rate in a high-speed data ciphering session. The rate of 599 
kByte/s can be reached only if a high-speed peripheral device is 
connected to the Slave Port and the DCP is programmed for dual- 
port configuration. 


The 1/0 Addresses 


The PAL device is programmed to allow only CPU transfers to the 
DCP. Ag must be odd to make the CPU transfer the data on the Low 
byte of the data bus. 


A "g" on A, indicates an Address Latch Cycle, whereas a "1" on Ay 
indicates a Data Transfer Cycle. Ag must be "1" in both cycles. 


Interface Descriptions 


Figure 4.14 shows the 68980-DCP interface. Figures 4.15, 4.16, 
and 4.17 show the interface timing. 


An address decoder generates the Chip Select for the DCP. The 
Address Strobe indicates a valid address. The PAL device is only 
activated if the Lower Data Strobe becomes active while the Upper 
Data Strobe stays inactive. This means that data is transferred 
in MOVE.B instructions with an odd peripheral address. 


The PAL device provides two_Data Acknowledge outputs. DTACK, is 
an active Low TTL output. DTACKg has the same timing as DTACK), 
but is an Open Collector output. (The Open Collector output is 
realized by a three-state output which assumes only two 
states, Low or Floating.) 
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Figure 4.16. 68000—Am2Z8068 Data Read Cycle (A, = High) 
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Figure 4.17. 68000—Am2Z8068 Data Write Cycle (A, = High) 
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Address Latch Cycle 


In this cycle only a Master Port Address Strobe (MAS) is 
generated. Master Port Chip Select (MCS) is tied to Low. LDS is 
sent to the MAS output. The minimum pulse width of LDS is 
115 ns; 8@ ns are required for the AmZ8@68. 


DTACK is activated with the falling edge of the CPU clock after 
cycle S37. The CPU inserts no Wait states. DTACK is deactivated 
with the first edge of CLK after AS becomes inactive. 


Data Write Cycle 


A Data Write Cycle is performed when Ag is High, AS, CS and LDS 
are Low. The minimum pulse width of LDS is not sufficient for 
the DCP which requires at least 125 ns. One Wait state or a 
slower system clock will satisfy this parameter. One Wait State 
is inserted by activating DTACK at the end of Sy, 





The DCP clock is synchronized in Data Read or Write Cycles by 
forcing it Low when DTACK becomes active. This guarantees that 
the DCP clock has a falling edge just before LDS (MDS) rises. The 
delay of the DCP clock to CLK is typically 8 ns for a normal- 
speed PAL device. The delay of LDS to MDS is typically 12 ns. 
The delay of LDS to the system clock is @ to 78 ns_for the 8-MHz 
version. This results ina delay of 4 to 74 ns of MDS to the DCP 
clock. The DCP requires @ to 5@ ns when operating at the maximum 
clock rate. 


This problem is solved by stretching the clock one cycle. The 
DCP clock stays Low for two cycles in the end of a transfer 
cycle. This is done automatically by the PAL device (see Figure 
4.17). 


Data Read Cycle 


The generation of MDS in a Data Read Cycle is similar to the Data 
Write Cycle. Because the CPU activates LDS one cycle earlier, 
there is no need for a Wait State. The minimum pulse width of 
LDS is 24@ ns; the DCP requires 2898 ns for a Status Register 
read. DTACK is activated using the same logical condition as in 
the Data Write Cycle. Because of the earlier activation of LDS, 
DTACK becomes active earlier and the CPU inserts no Wait States. 
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PAL1OR4 PAL DESIGN SPECIFICATION 
DCP@44 JUERGEN STELBRINK 8-24-83 
68000 - AmZ8@68 (DCP) INTERFACE DEVICE 

ADVANCED MICRO DEVICES 


CLK2 /CS /AS /UDS /LDS RW Al CLK NC. GND 
JOE /MAS /MDS DCPCLK NC NC /DTACK1 CLK1 /DTACK2 VCC 
/CLK1 = CLK ; INVERT CLOCK TO TRIGGER THE REGISTERED 
; OUTPUTS WITH THE FALLING EDGE OF CLK 
MAS = AS*LDS*/UDS*/RW*/A1*CS 
MDS = AS*LDS*/UDS*A1*CS 
/DCPCLK := DCPCLK + ; DIVIDE BY TWO 
/DTACK1*CS*AS*LDS*/UDS + 
DTACK1*/AS*/LDS*/UDS TWO CLOCKS LOW IN 


me MO 


THE END OF A DATA CYCLE 


DATA TRANSFER CYCLE 
ADDRESS LATCH CYCLE 


DTACKL := AS*LDS*/UDS*A1*CS + 
AS*/RW*/A1*CS 


=e 6 


IF (DTACK1*AS*CS) DTACK2 = DTACK1 


FUNCTION TABLE 


CLK2 CLK CLK1 /CS /AS /LDS /UDS RW Al 
DCPCLK /MAS /MDS /DTACK1 /DTACK2 


; J / 

; D D OD 

; Cc 3 a! by 

me C J / P / / A A 

- tb € (iL Sf FY ds v Cc M M C C 

* K GL K C A D OD R A L A OD K kK 

* 2 K 1 8 85 S§ S§ W 1 K S S 1 2 COMMENT 

»s CLOCK INVERT 
X L H xX X X XK X X X XK X XK X 
X H GL xX XK XK X XK X X X xX XK xX 

; DATA WRITE CYCLE 
C xX X GL H H H H 4H X H H H Zz; S@ 
C X X L “BL H H L H X H H H Z; S82 
Cc X X L L “GL H GL H L H G© ~L GL 3 84 
C X XK L G&G GL H “LL dH H H L BL OL 3; SW (1 WAIT STATE) 
C xX XK L L &GB H GL aH Lb H & GL -L¥ S6 
X X X L H H H L 4H L H H L @y; S7 
C X XK H H H H GL X L H H H @Z@; S@ 
C X X H LL XK H X X H H H H @Z+}3 S82 

,; DATA READ CYCLE 
C X XK H H H H H 4H X H H H Z+y}; S@ 
C X xX L LBL LG H H &H L H “L L GL} S82 
C xX X L LBL “GL H H 4H H H L LL OL; S84 
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C xX X L LG G H H 4H L H L GL Ly; S6 
X X X L H H H H H L H H LG @y S87 
C X X L H H H H 4H L H H H @yj; S@ 
C X XK X H H H H 4H H H H H Zz S2 
; ADDRESS LATCH CYCLE 
C xX X L BL H H FL G X H H L Ly; S82 
Cc X X L LG G&G H GL & X L H L Ly S4 
Cc X X L Gh G&G AH LG X L H L Ly S6 
Xx XK X L H H H FL GL X H H L @Z@y S7 
C X X X H H H L OL X H H H Zy; SO 
’ 
DESCRIPTION: 
INPUT SIGNALS: 
CLK2 CLOCK FOR THE REGISTERED OUTPUTS OF THE PAL. IT IS 
CONNECTED TO CLKIL 
CLK 8 MHZ 68808 SYSTEM CLOCK 
/CS CHIP SELECT FOR DCP (A2-A23 ARE RELEVANT) 
/AS ADDRESS STROBE 
/LDS LOWER DATA STROBE USED TO TIME THE MASTER PORT DATA STROBE 
/UDS UPPER DATA STROBE HAS TO BE INACTIVE DURING ALL TRANSFERS 
Al ADDRESS BIT 1 DISTINGUISHES BETWEEN ADDRESS LATCH AND 
DATA TRANSFER CYCLES 
A1=LOW ADDRESS LATCH 
Al=HIGH DATA TRANSFER 
RW READ/ WRITE CONTROL 
OUTPUT SIGNALS: 
/MAS MASTER PORT ADDRESS STROBE 
/MDS MASTER PORT DATA STROBE 
CLK1 INVERTED CLOCK CLK 


/DTACK1 LOW ACTIVE DATA ACKNOWLEDGE FOR 6880@ 
ONE WAIT STATE IS INSERTED IN A DATA WRITE CYCLE 


/DTACK2 LOW ACTIVE DATA ACKNOWLEDGE FOR 68808 (OPEN COLLECTOR) 


DCPCLK 4 MHZ DCP CLOCK, IT IS SYNCHRONIZED TO THE MASTER PORT 
DATA STROBE. IN A DATA TRANSFER CYCLE DCPCLK STAYS TWO 
CLK CYCLES LOW TO DELAY THE FIRST RISING EDGE OF THE 
DCPCLK TO TH DATA STROBES. IT IS DONE TO SATISFY TIMING 
PARAMETER 45 OF THE DCP PRODUCT SPECIFICATION. 
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CLK2] 1 20] Vcc 


cS] 2. 49] DTACK2 


AS | 3) 48] CLK1 





UDS | 4 DTACK1 
LDS | 5] AmMPAL16R4 |16] Nc 
RIW | 6) 45] NC 


Al 14] DCP CLK 
cik [8 _ fi3] MDs 
NC | 9| MAS 


GND |10 441] OE 


TOP VIEW 
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Figure 4.18. AmPAL16R4 Connection Diagram 
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4.5. 2Z8000 ~ AmZ8068 


Figure 4.19 shows an interface between a 4=MHz Z8001/2* 
microprocessor and the AmZ8068. The CPU and the DCP can operate 
synchronously at a clock rate up to 3.5 MHz All control and 
Strobe signals can be connected directly to the DCP. 


The clock rate is reduced to 3.5 MHz to satisfy timing parameter 
45. The delay time from clock falling tc Data Strobe (DS) rising 
is specified at 0 to 70 ns; the DCP requires 0 to 50 ns at 4 MHz. 


By reducing the clock rate, this parameter becomes 0 to 70 ns at 
3.5 MHz. 


The system can cperate at 4 MHz, if a 10=MHz Z8001/2 is used. 
This faster version is specified for 0 to 45 ns. 


A Sample Program 

A universal program for testing the DCP is included at the end of 
this chapter. The program is written in Z8002 (nonsegmented) 
assembly language. The DCP must be initialized for Multiplexed 
Control Mode and "Master Port only" configuration. The ciphering 
mode can be ECB or CBC. The mode is defined by the variable 
"MODE". A one=cycle operation of the interface is assumed. For 


a two-cycle operation interface, instructions to latch the 
register address must be added. 


Structure of the Program 

Some variable fields are located in the beginning of the program: 

DCP=OUT 32=byte buffer for the ciphered text 

DCP=IN 32-byte buffer for the clear input text; the 
information to be ciphered must be loaded here 
before starting the program 


CIVE 8=byte buffer for the CBC Initial Vector (IV) for 
encryption 


CE=KEY 8=byte buffer for the encryption key (for ECB’ and CBC) 
MODE definés mode cf operation (184 = ECB, 1Ay = CBC) 
DATAREG address of Data Register (AD)=0, AD =0) 

CSREG address of Command/Status Register (AD,=1, AD =0) 


MODEREG address of Mode Register (AD,=1, AD 9=1) 


*Z8001/2 are trademarks of Zilog, Inc. 
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First, the DCP is reset by loading the Mode Register. The IVE 


Register is loaded by issuing command "85y", "Load Clear IVE 
through Master Port", and strobing in eight bytes of data. The EF 


Key Register is loaded in a similar way. The command is "lly"s 
"Load Clear E Key through Master Port". Loading of the IVE 
Register is not required for ECB. After entering these load 
commands, the Command pending bit of the Status Register becomes 
active until the eighth byte is strobed in. 


The data ciphering session is started by writing "41", "Start 
Encryption" to the Command Register. The Command Pending bit 
becomes active and stays active until a stop command is entered 
or the DCP is reset. The Master Port Flag (MFLG) and the Slave 
Port Flag (SFLG) can be monitored to see whether the DCP is ready 
for input or output of data. In this sample program, these flags 
are not monitored because the structure of the program and the 
speed of the CPU guarantee that there are at least 5 DCP clocks 
between input or output of succeeding blocks. 





This program operates the DCP in pipelined mode. First, two 
blocks of clear data are loaded into the chip, then the first 
block is read out. During input of the second block, the 
algorithm unit ciphers the first block. When the eight bytes of 
the second block are loaded, the first block is ready to be read 
out. The CPU can put data in and read data out without having to 
wait for the algorithm unit to cipher the data. 


After ciphering four blocks, a stop command is entered. The 
result is stored in the field "DCP-OUT". 


Improvements 


If the DCP should be interfaced to a faster 28000, the designer 
must take particular care that: 


- the Address Strobe width does not become too narrow, 


- the Data Strobe width does not become too narrow for Status 
Register read operations (a Wait State might be inserted), 


- MDS is synchronous to the DCP clock. 

Three approaches are discussed in more detail below. The 
interface logic of these interfaces may be integrated into one 
PAL device. Ideas of realization can be found in the other 
chapters. 

8-MHz Z8908 — AmZ8968 

-~ Use two-cycle operation. 


- Divide clock by two. 


- Synchronize clock to DS. 
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- For Status Register reads, one additional Wait state must be 
inserted. 
8-MHz Z8906 — Am9568 


- Use multiplexed address/data bus of CPU; the Am9568 accepts the 
narrow Address Strobe directly. 


- Transform R/W and DS into MRD and MWR. 

- Divide system clock by two and synchronize it to MRD or MWR. 

-~ Keep the DCP clock Low for two clock cycles at the end of the 
transfer cycle to satisfy the critical timing parameter 45 (@ 
to 3@ ns) (see 68808-DCP interface). 

-~ Insert Wait State for Status Register read operations. 

Z8696 — AmZ8968 

- DCP and CPU operate asynchronously with separate clocks. 

- Design interface analogous to "“iSBX Bus —- DCP", 


- Use two-cycle transfer mode. 


- Less efficient CPU-DCP transfer, but no restrictions for system 
clock rate. 


STATUS 
DECODER 


AmZ8000 AmZ8068 
vO 


ADs-AD15 _....__/| ADDRESS MCS 
DECODER 





OSCILLATOR 
(3.5 MHz) 7 


04862A-51 


Figure 4.19. Z8000-AmZ8068 Interface 
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MACRO8000: 


0000 
0000 
0000 
0000 
0000 
0000 
0000 
0000 
1000 
1000 
1020 
1040 
1048 
1050 
1051 
1052 
1054 
1056 
1058 
1058 
1058 
105C 
1060 
1064 
1068 
106A 
106A 
106A 
106C 
106E 
1072 
1076 
107A 
107A 
107A 
107C 
107E 
1082 
1086 
108A 
108A 
108A 
108C 
108E 
1092 
1096 
109A 
109E 
10A2 
10A6 
1LOAA 
1OAE 
10B2 
10B6 
1LOBA 
10BE 
10C2 
10C6 
10CA 
10CE 
10D2 
10D6 
10D6 
10D6 
10D8 
LODA 
10DA 


00 


6103 
6101 
6102 
600F 
3E2F 


CFA5 
3E1F 
2108 
2109 
3A92 


CF1l 
3E1F 
2108 
2109 
3A92 


CF41 
3E1F 
2108 
2109 
3A92 
2108 
3A92 
2108 
210A 
3A30 
2108 
3A92 
2108 
3A30 
2108 
3A92 
2108 
3A30 
2108 
3A30 


CFEO 
3E1F 


1052 
1054 
1056 
1050 


0008 
1040 
0830 


0008 
1048 
0830 


0008 
1020 
0830 
0008 
0830 
0008 
1000 
08A0 
0008 
0830 
0008 
O8A0 
0008 
0830 
0008 
O8A0 
0008 
08A0 


Version 2.0 


9/19/80 


Page l 
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ys 


a* ENCRYPTION EXAMPLE FOR Z8000 


Y* 


JS 3/12/84 * 
* 


* 


0 He Hee tI KK FRR II I ITOK II KK IK IK IK IKE KK II KK KKK IKK KK KKK KKK KKEKK KK KK KKK KK 


PROGRAM DCP_SHOW; 


ORIGIN #1000; 
DCP_OUT: BYTE (32); 
DCP IN: BYTE (32); 
CIVE: BYTE 53 
CE_KEY: BYTE (8); 
MODE: BYTE (1); 
DATAREG: WORD (1); 
CSREG: WORD (1); 
MODEREG: WORD (1); 
DCP SHOW: 

LD R3,DATAREG; 
LD R1,CSREG; 
LD R2,MODEREG; 
LDB RL7,MODE; 
OUTB R2,RL/; 
% LOAD IVE REGISTER 
LDB RL7,#A5; 
OUTB R1L,RL7; 
LD R8,#8; 
LD R9, CIVE; 
OTIRB R3,R9 ,R8; 
% LOAD E KEY REGISTER 
LDB RL7,#11; 
OUTB R1,RL7; 
LD R8,#8; 
LD R9, CE KEY; 
OTIRB R3,R9 ,RB; 
% ENCRYPTION SESSION 
LDB RL7,#41; 
OUTB R1,RL7; 
LD R8,#8; 
LD R9, DCP_IN; 
LD R8,#8; 
OTIRB R3,R9 RB; 
LD R8,#8; 
LD R10, DCP_OUT; 
INIRB R10 ,R3,R8; 
LD R8,#8; 
OTIRB R3,R9 ,R8; 
LD R8, #8; 
INIRB R10 ,R3,R8; 
LD R8, #8; 
OTIRB R3,R9 ,R8; 
LD R8, #8; 
INIRB R10 ,R3,R8; 
LD R8,#8; 
INIRB R1O ,R3,R8; 


% TERMINATE CIPHERING SESSION 
LDB RL7 : 


OUTB 
END. 


b b 


R1,RL7; 
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SASVSQ SR SRSA Be Be 


Se SV SA SL BR 


DCP OUTPUT STORAGE AREA 

DCP INPUT STORAGE AREA 

CLEAR IV STORAGE FOR CBC/CFB ENCRYPTION 
CLEAR ENCRYPTION KEY 

MODE VALUE 


DATA REGISTER ADDRESS (MASTER PORT) 
COMMAND/STATUS REGISTER ADDRESS 
MODE REGISTER ADDRESS 


LOAD DATA REGISTER ADDRESS 

LOAD COMMAND/STATUS REGISTER ADDRESS 
LOAD MODE REGISTER ADDRESS 

LOAD MODE VALUE 

SET MODE (INCLUDES SOFTWARE RESET) 


*IVE LOAD COMMAND 


Bee se ae 


SR SV SA SL FQ se SX SL SL SL FR SA FS Be SS Be Be Be ra 


Be sk 


BYTE COUNTER 
ADDRESS OF CLEAR IVE FIELD 
STROBE 8 BYTE IV IN 


LOAD E KEY COMMAND 


BYTE COUNTER 
ADDRESS OF CLEAR E KEY FIELD 
STROBE 8 BYTES KEY IN 


START ENCRYPTION COMMAND 


BYTE COUNTER 

DATA INPUT FIELD 

TRANSFER FIRST BLOCK 

BYTE COUNTER 

TRANSFER SECOND BLOCK 

BYTE COUNTER 

DATA OUTPUT FIELD 

READ FIRST CIPHERED BLOCK BACK 
BYTE COUNTER’ 

TRANSFER THIRD BLOCK 

BYTE COUNTER 

READ SECOND CIPHERED BLOCK BACK 
BYTE COUNTER 

TRANSFER FOURTH BLOCK 

BYTE COUNTER 

READ THIRD CIPHERED BLOCK BACK 
BYTE COUNTER 

READ FOURTH CIPHERED BLOCK BACK 


LOAD STOP COMMAND 
ISSUE STOP COMMAND 


Chapter 4 
4.6. 2Z80* — Am9518/AmZ8968 


This chapter shows in two examples how the Data Ciphering 
Processor (DCP) can be interfaced to a Z8@ (Z8@A, Z8@B) CPU. All 
interface control signals are generated by one PAL device. 


In CPU transfer mode a ciphering speed up to 2898 kByte/s can be 
reached. A Z80@A DMA controller can double this value. Chapter 4.8 
(Z88-DMA-DCP) shows how to increase the speed to 1.1 MByte/s. 


The multiplexed address/data bus of the DCP is simulated using a 
two-cycle operation mode. An output instruction to an even 
address (Ag=Low) selects one of the internal registers of the 
DCP. In all subsequent I/O operations with Ag=High, the CPU can 
transfer data to or from DCP registers. The register address 
stays latched in the chip until the next Address Strobe latches 
in a new address. The Address Latch Cycle does not represent 
Significant overhead in an encryption or decryption session 
because, once the DCP is initialized and the data register is 
selected, no further Address Latch Cycle is needed. 


I/O addresses: XXXX XXX@ - Address Latch Cycle 
XXXX XXXL - Data Transfer Cycle 
X - user definable 


The AmPAL16R4 device controls the interface timing. Tt 
generates the synchronized strobe signals for the DCP and the 
Wait for the CPU to extend the cycles. 


The PAL device is programmed to allow two operation modes. In 
Mode A the DCP works with the same clock rate as the CPU. Mode B 
increases the ciphering speed by allowing higher than 4-MHz 
system clock rates for the CPU. In this mode, the PAL device 
provides half the system clock rate for the DCP. 


A system with a Z8@B at 6 MHz and an AmZ8@68 at 3 MHz increases 
the ciphering speed compared to a system where both the CPU and 
the DCP clock are 4 MHz; the limiting factor is the data 
transfer capability of the CPU. 


The key requirement in interfacing the DCP to a Z88 CPU is_ to 
meet the timing relationship between the Master Port Data 
Strobe (MDS) and the DCP clock. The rising edge of MDS must 
be synchronous to the falling edge of the clock. 


The Operation Modes 

Mode A: Both the Z8@ CPU and the DCP are operating synchronously 
at the same frequency. The DCP clock is inverted. This 
mode can be used with system clocks up to 4 MHz. No 
extra Wait states are inserted. 


*78@ is a trademark of Zilog, Inc. 
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OSC 





DECODER 


Am9518/ 


AmZ8068 





Note 1: A/B=HIGH: Z80-9518/Z80A-8068 (MODE A) \/ 


AIB=LOW: 2Z80B-8068 (MODE B) 04862A-52 


Figure 4.20. Z80-DCP Interface 
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Mode B: To get higher ciphering throughput, the data transfer 
speed of the Z8@ bus should be increased by uSing a 
higher system clock rate. In Mode B the PAL device 
divides the system clock by two to generate the DCP 
clock. The DCP clock is synchronized to the MDS by 
delaying the clock one half cycle if they are not in 
phase (Figures 4.23 and 4.24). During a Data Write 
Cycle, one extra Wait state is inserted. An AmZ8@068 
must be used in this mode even at a DCP clock rate of 3 
MHz because of its faster register access time. 


Figure 4.28 shows the interface. The A/B input of the PAL device 
is wired High to select Mode A or Low to select Mode B. 


The Interface Timing 
Address Latch Cycle: (Figures 4.21 and 4.22) 


Master Port Chip Select (MCS) is active when IORQ and CS are 
active Low and Ag=Low (even address). Master Port Address Strobe 
(MAS) is strobed Low for one system clock cycle during the 
automatically inserted Wait cycle Ty to meet the hold time 
requirement of MAS High to MCS High (parameter 35). 


Data Read Cycle: (Figures 4.21 and 4.22) 


A Data Read Cycle reads the register whose address was latched 
in the previous Address Latch Cycle. MCS and MAS are inactive 
the whole cycle. MDS is active during the last two clock cycles, 
Tw and T3. In both A and B Modes, no Wait state is inserted. WR 
and Ag must be High. In Mode B the DCP clock is set High in the 
beginning of T3 using an internal signal Q to synchronize the 
falling edge of the DCP clock to the rising edge of MDS. Q is 
only active in Mode B during Wait state Ty. This interface meets 
the data hold time of the Z80, because the data is stable to the 
beginning of Tj of the next machine cycle. 








Data Write Cycle: 


In this cycle, the CPU can write one byte into the addressed 
register. MCS and MAS are inactive. WR is active and Ag is 
High. 


Mode A (Figure 4.29) 


MDS is strobed Low for Ty. The DCP reads the data in at the 
beginning of T3- No Wait state is inserted. 


Mode B (Figure 4.23) 
MDS is strobed Low for the Wait cycle Tw and the additional 


Wait cycle Ty: to meet the minimum data strobe active time 
(parameter 44) of the DCP. The DCP reads the data in at the 


begin of T3> 
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A1-A7 VALID PORT ADDRESS 
AIT / \ 


— 
Se Ce 
aw la 
= ——*"_ / 


= 
QO 
” 


ADDRESS 
CYCLE 


WR \ / 
WRITE 
CYCLE 


: 


WR 
READ 
Ao DATA 
CYCLE 


= 
Oo 
” 
e 


DCP CLK O O 


* AUTOMATICALLY INSERTED BY THE Z80 CPU, 
(NO MORE WAIT’S ARE ALLOWED) 
04 862A-53 


Figure 4.21. Z80-Am9518/Z80A-AmZ8068 Timing Diagram (Mode A) 
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Data Ciphering Speed 


The byte transfer capability of the Z8@ system bus limits’ the 
data ciphering throughput of the DCP. A Z8@ DMA controller 
doubles the maximum throughput compared to a CPU-controlled 
transfer as indicated in the following table: 


System Clk DCP Clk CPU DCP Mode N T 

6 MHz 3 MHz Z8 0B AmZ8@68 B 168/176 G.28/0.27 
4 MHz 4 MHz Z8GA AmZ8%68 A 168 G.19 
2.5 MHZ 2.5 MHZ Z8@ Am9518 A 168 0.14 


N = Number of DCP clock cycles to transfer and cipher 8 bytes of 
data. In CPU-controlled modes the use of the Z8@ block 
transfer commands like INIR, INDR, OTIR or OTDR is assumed. 


T = Throughput in MByte/s 
The formula for calculating the throughput is: 


T= (8 * £) / (N + m) MByte/s 


f = DCP clock in MHz 
8 = 8 bytes per block 
m = Number of extra DCP clock cycles to get a 


Minimum delay time of five clocks between 
transferring the last byte of one block and 
the first byte of the next block. In CPU 
controlled transfers m=@ can be assumed, 
because the CPU has to evaluate instruction 
fetches and memory data transfers between two I/0 
accesses. MFLG indicates if the DCP accepts data 
transfer. 
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Figure 4.22. Address Latch Cycle (Mode B) (No Clock Synchronization) 
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Figure 4.23. Data Read Cycle (Mode B) 
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- Tw Tw 
Ti Ta (NOTE 1) (NOTE 2) T3 TT 


CPU CLK © 


A1-A7 VALID PORT ADDRESS 


Q 
WAIT / 
(NOTE 3) 


DCP CLK (1) a O 


OR 
DCP CLK (2) 


NOTE: 1. AUTOMATICALLY INSERTED WAIT STATE 
2. EXTRA WAIT STATE 
3. OPEN COLLECTOR OUTPUT 


04862A-56 


Figure 4.24. Data Write Cycle (Mode B) 


MODE A MODE B 


CLK1, CLK2 | | | | | | | | | | | | 


EY 
AB 


CLKB 


Ol 


04862A-57 


Figure 4.25. Clock Timing Diagram (Mode A and B) 
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PAL16R4 
DCP@46 


ADVANCED MICRO DEVICES 


CLK1 CLK2 /CS /TIORQ AG /WR- AB 
JOE NC /WAIT /CLKB /Q /MDS /MAS 
MCS = IORQ*CS*/AG . 
MAS := IORQ*CS*/AQ@*WR*/MAS ; 
MDS := IORQ*CS*WR*/MDS*AQ*AB +3 
IORQ*CS*WR*AQ* /MDS*/Q*/AB + 3; 
IORQ*CS*WR*AQ*MDS*Q*/AB + 
LORQ*CS* /WR*AG : 
CLKB := /CLKB*/Q*/AB : 
/CLK = CLK2*AB + ; 
7 CLKB : 
Q <= IORQ*CS*/MDS* /Q*AQ*/AB : 
IF (Q*WR) WAIT = £Q*WR : 
FUNCTION TABLE 
CLK1 CLK2 AB /CS /IORQ A@ /WR 
F / 7: 
ec. <C I / f/f fs W 
2 tL & f © / Cc M M M A 
>K K A CRA W G:C Bh. DP f 
->1 2 B S$ Q @ R K S§ s § f 


PAL DESIGN SPECIFICATION 
JUERGEN STELBRINK 5/2/83 
Z80—- AM9518/AMZ8068 INTERFACE CONTROLLER 


NC 


/MCS 


NC GND 
CLK VCC 


MASTER PORT CHIP SELECT 


MASTER PORT ADDRESS STROBE 


WRITE 
WRITE 
WRITE 
READ 


CLOCK 


(MODE 
(MODE 


DATA STROBE (MODE A) 
DATA STROBE (MODE B) 
DATA STROBE (MODE B) 
DATA STROBE (MODE A+B) 


FOR MODE B 


A) 
B) 


USED TO GENERATE MDS AND WAIT 


WAIT TO Z8@ 


CLK /MCS /MAS /MDS /WAIT /Q /CLKB 


MODE A: Z8@-— AM9518 OR Z8@A- AMZ8G@68 
(DCP CLOCK = CPU CLOCK) 


CLOCK GENERATION 


=e w~™Oe MO WO NS NWO 


X L H X X X X H X X X @ 
X H H X XK K X L X XK XK @ 

f 

7 ADDRESS LATCH 

: . 
H X H H H X 4H X H H H @ 
L Xk H L H OL 4A X H H H @ 
C X H L H L 4H X H H H @ 
H X H L LL Xx L H H @ 
C X H L BL Lt & Xx L L H @ 
C X H BL G&G LL &L X L H H @ 
H X H GL H OL HF X H H H @ 
C X H BL H FL &H X H H H @ 


\O 
op) 


Cc 

L 
J «K 
QO B COMMENT 
INTERFACE 
H 4H 
H H 
H H >; MACHINE CYCLE Tl 
H 4H 
H 4H 
H H 3 CYCLE T2 
H 4H 
H H 3; CYCLE TW 
H H  ¢ CYCLE 13 
H 4H 7 


WRITE DATA OPERATION 


=e “Se WO 


C X H L H 4H 4H X H H H 
C X H L BG AH GL X H H OL 
C X H L L H OL X H H 4H 
C X H GL H H &H X H H 4H 

r 

; READ DATA OPERATION 

7 
C X H L H H H X H H 4H 
C X H L GL H H X H H L 
C X H L L H UH X H H L 
C X H L H H H X H H H 


. “ee Oe WO 


C X H L L L a X L H 4H 


=e SO WS NRO We We WE 


INVALID OPERATION (READ IN ADDRESS LATCH) 
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CYCLE Tl 
CYCLE T2 
CYCLE TW 
CYCLE T3 


me ™ 8 NO TO 


CYCLE Tl 
CYCLE T2 
CYCLE TW 
CYCLE T3 


me ™ Oe MO NO 


> NO /MAS ! 


COMMENT 


~ 


MODE B: Z89B- AMZ8@68 INTERFACE 
(DCP CLOCK = CPU CLOCK/2) 


WRITE DATA OPERATION 


me te MO NO MO WO 


C X L HAH H H HA L H 4H 4H 
C X L H H H #H H H H 4H 
Cc X L LG BG HAH GL L H H OL 
Cc X L bL GL HL H H HH 
Cc X L LG GB A OG L H 4H 4H 
a 
Cc X L LG G&G AH GL H H H OL 
Cc X L L G&G HH OG H H H OL 
Cc X L L GB H OG L H H 4H 
v 
; READ DATA OPERATION 
v 
C X L H H H 4H H H H 4H 
C X L H H H A L H 4H 4H 
C X GL L GB H A H H HH OL 
C X L L LG HH H H H H OL 
C xX L L H H H L H H 4H 


Z H 4H 
Z H 4H 
Z H 4H 
Z H 4H 
Z H 4H 
Z H 4H 
Z H 4H 
Z H 4H 
Z H 4H 
7 

W C 
A L 
I / kK 
T QO B 
Z H OL 
Z H 4H 
L GL L 
Z H 4H 
Z H OO 
L GL H 
Z H 4H 
Z H OL 
Z H 4H 
Z H 
Z.G dH 
Z H 4H 
Z H OL 


CYCLE Tl 

CYCLE T2 

FIRST WAIT CYCLE (CLK=L) 
SECOND WAIT CYCLE 

CYCLE T3 


=e ue “O VO TO 


FIRST WAIT CYCLE (CLK=H) 
SECOND WAIT CYCLE (SYNC !) 
CYCLE T3 


™=e sue WO 


CYCLE Tl 

CYCLE T2 

WAIT CYCLE 
CYCLE T3 (SYNC!) 
NEXT CYCLE 


=e we TO MO NO 
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DESCRIPTION: 


THIS PAL GENERATES ALL NECESSARY BUS CONTROL SIGNALS, TO INTERFACE 
THE AM9518 OR AMZ8G@68 TO THE Z88 CPU WITH A SYSTEM CLOCK UP TO 6 MHZ. 


2 INPUT AND 1 INPUT/ OUTPUT PINS ARE NOT USED, SO THAT FOR EXAMPLE 
A DATA BUS TRANSCEIVER CONTROL LOGIC CAN BE ADDED. 


IN SYSTEMS WITH A CLOCK UP TO 4 MHZ, THE DCP RUNS DIRECTLY AT THIS 
FREQUENCY (MODE A, INPUT AB = HIGH). 

IF THE FREQUENCY IS HIGHER, THE DCP IS DIVIDED BY TWO FROM THE 
SYSTEM CLOCK (MODE B, AB = LOW). 


INPUT PINS: 


CLK1, CLK1 IS THE CLOCK INPUT FOR THE FOUR INTERNAL D-FLIP-FLOPS. 
CLK2 THEY ARE CLOCKED BY THE RISING EDGE OF CLK1. THE DCP DATA 
STROBE MUST BE SYNCHRONOUS TO THE FALLING EDGE OF THE CLOCK; 
THE INVERTED CLK2 IS THEREFORE SENT TO THE OUTPUT CLK. 
IN MODE B CLK2 IS SYNCHRONIZED BEFORE IT APPEARS ON THE CLK 
OUTPUT. BOTH INPUTS ARE CONNECTED TO THE Z8@ SYSTEM CLOCK. 


/CS CHIP SELECT GENERATED BY AN ADDRESS DECODER LOGIC 
(ACTIVE LOW). IF /CS IS ONLY ACTIVE IN I/O CYCLES, 
THE /IORQ INPUT CAN BE WIRED LOW. 


/ TORQ INPUT/ OUTPUT REQUEST OF THE Z8@ (LOW ACTIVE) 
AG LEAST SIGNIFICANT BIT OF THE Z8@ ADDRESS BUS 

TO SELECT TYPE OF OPERATION: 

AQ= LOW SELECT REGISTER FOR NEXT DATA CYCLES 


(ADDRESS LATCH) 

A@= HIGH READ OR WRITE INTERNAL REGISTER 
(DATA TRANSFER TO CONTROL, MODE, INPUT 
OR OUTPUT REGISTER) 


/WR WRITE SIGNAL OF THE Z8@, DEFINES DATA TRANSFER DIRECTION 
AB AB= HIGH MODE A 
AB= LOW MODE B 


OUTPUT SIGNALS: 


/WAIT ACTIVE LOW DURING FIRST WAIT CYCLE IN WRITE DATA 
OPERATION IN MODE B, TO GENERATE AN EXTRA WAIT STATE. 
THE OTHER TIME /WAIT IS IN THREE STATE. 


/MCS MASTER PORT CHIP SELECT, ONLY ACTIVE IN ADDRESS LATCH 
CYCLES 
/MAS MASTER PORT ADDRESS STROBE, ACTIVE IN ADDRESS CYCLES 


TO LATCH THE REGISTER ADDRESS AND /MCS IN. THE DCP 
STORES INTERNALLY THE ADDRESS AND THE CHIP SELECT 
TO THE NEXT ADDRESS LATCH CYCLE 


98 


/MDS 


CLK 


/CLKB 


/Q 


Chapter 4 


MASTER PORT DATA STROBE TO ENABLE DATA TRANSFER TO THE 
INTERNAL REGISTERS OF THE DCP 


DCP CLOCK, IN MODE B SYNCHRONIZED TO THE MASTER PORT DATA 
STROBE (/MDS) 


DCP CLOCK OUTPUT INTERNALLY USED FOR MODE B (NOT CONNECT) 


INTERNAL STATUS SIGNAL (NOT CONNECT) 
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Figure 4.26. 8085-DCP Interface 
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4.7. 8085A — Am9518 


Figure 4.26 shows the interface diagram between the 8885 
microprocessor and the Am9518 Data Encryption device. The DCP 
and the CPU operate synchronously at a maximum clock rate of 2.2 
MHz, considerably simplifying the interface requirements. 


Interface Description 


The 8-bit address/data bus of the CPU is directly connected to 
the Master Port of the DCP. The Master Port Data Strobe is 
driven by RD or WR. The MR/W input of the DCP is connected to 
the status line Sl of the 8885. This line is High whenever the 
CPU_executes a read instruction. The Master Port Address Strobe 
(MAS) is the inverted Address Latch Enable (ALE). A decoded 
address and M/IO=Low produces an active Low Master Port Chip 
Select. It is latched by MAS. 


The Clock 


The DCP can operate with the inverted CPU clock if the clock is 
slowed down to satisfy the minimum High time requirement of the 
DCP. The 8@85A data sheet gives a formula to determine the 
minimum clock High and Low times for slower clocks. 


Minimum High time: 9.5 * T - 8@ ns (T=clock cycle width) 


This time must be at least 15@ ns for a Am9518 and 115 ns for a 
AmZ8068, resulting in a maximum clock rate of 2.2 MHz and 2.5 MHz 
respectively. 


Minimum Low time: 0.5 * T - 48 ns 
It is 198 ns at 2.2 MHz. 


The DCP requires that the MDS is synchronous to the clock. The 
range is @ - TWL - 109@ ns for the Am9518. TWL is the real Low 
time of the clock. 


The 8885 timing specification does not specify a timing 
relationship between the clock and RD or WR; the designer must 
verify. 


Improvements 


A more sophisticated interface avoids the missing timing 
specification and allows interfacing to a faster CPU. Ideas 
can be found in the iSBX Bus Interface (Chapter 4.18) or 68909 
Interface (Chapter 4.4). The first shows a totally asynchronous 
operation of the DCP and the CPU; the second shows how to delay 
the rising edge of the clock following MDS. 
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4.8. 280 -—- DMA — Am9568 


This application design shows how to increase the ciphering 
throughput to 89@ kByte/s using the advanced 8-bit DMA 
Controller Am9517A-5 (also called the 8237-5). The host CPU is a 
Z8Q0A (Figure 4.27). 


The CPU sets up a data block in memory and programs the DMA 
controller to transfer this data block to the DCP via the Master 
Port. The DCP encrypts the data. A high-speed peripheral device 
can read out the ciphered data from the Slave Port. This dual- 
port configuration allows data input and output simultaneously 
and increases the throughput compared to a sSingle-port 
configuration by a factor two. In the single-port configuration, 
only the Master Port is used for data transfer; it handles both 
the clear and ciphered data. 


The multiplexed address/data bus of the DCP is simulated in a 
two-cycle operation. For output operation to an even address the 
PAL interface timing controller generates a Master Port Address 
Strobe (MAS) to select one of the internal registers. Subsequent 
I/O operations to an odd address (Ag=High) transfer data to or 
from the preselected DCP register. During I/O operations to an 
odd address, the PAL device generates Master Port Data Strobes 
(MRD or MWR). Before the DMA block transfer is started, the CPU 
must preselect the DCP data register. The register address of 


the data register is Gy; 





The DMA controller operates in "flyby" mode. Data is transferred 
on the system data bus one byte at a time from memory to the DCP 
or vice versa without going through a DMA register. AnI/O Read 
(IOR) and Memory Write (MEMW) or I/O Write (IOW) and Memory Read 
(MEMR) are active at the same time. The DCP is selected by DMA 
Acknowledge (DACK). The PAL device treats DACK as CS active and 
Ag=High. In this design the DMA controller can only execute data 
transfer cycles; it is not able to change the internal register 


address of the DCP. 





The DMA controller is set up for Demand Transfer Mode. It 
releases the bus when the data request input goes inactive. The 
Master Port Flag (MFLG) is wired to the data request input. The 
flag output goes active when the DCP is ready to accept data or 
the output data is ready to be read out. After transferring one 
block of data (8 bytes), this flag goes inactive until a new 
block can be put in or read out. The inactive time depends on 
the response time of the peripheral logic at the Slave Port. This 
flag is inactive a minimum of five clocks. 





Speed 


The DMA controller needs three clock cycles to transfer one byte. 
After each block transfer (8 bytes) the DMA controller releases 
the bus and requests it back if MFLG goes active again. This 
time is assumed to be 12 clocks. The ciphering of one block is 
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done concurrently with the input of the next block; the internal 
operation is pipelined. The maximum throughput can be calculated 
as: 


T= 8 / (8 * 3 + 12) * 4 MHz = 0.89 MByte/s 


The Compressed Transfer mode of the DMA controller cannot be 
used, because the PAL synchronization logic needs normal timing 
to synchronize the Data Strobes to the DCP clock. 


Initialization 


The Multiplexed Control Mode (C/K=Low) of the DCP is selected to 
enable access to the internal registers. The CPU first 
programs the Mode Register to reset the DCP and to set up the 
port configuration and ciphering mode. After that, the keys’ and 
initial vectors can be loaded. To initialize the DCP for DMA 
transfer, the CPU executes one Address Latch Cycle, to pre-select 
the data register. 


The DMA controller must be programmed such that DREQ and DACK are 
active Low. 


Timing 


The PAL device simulates the multiplexed address/data bus of 
the DCP assuming a two-cycle operation mode. In the first cycle 
the CPU latches the address of the internal register into 
the DCP; subsequent cycles transfer data to or from the selected 
register. Address Ag distinguishes the two cycles (Figure 4.28). 
An I/O instruction with Ag=Low generates an address latch cycle; 
an I/O instruction with Ag=High generates a data transfer cycle. 


The DMA controller must be initialized for “extended” I/O write 
in order to have a similar I/O bus timing to the Z8@A CPU. A 
"late" I/O write delays the Master Port Write Strobe (MWR) to the 
DCP by one clock cycle. If a late write is used, the data bus 
will not be valid at the time data is latched. 


To execute a DCP-to-memory transfer, the DMA does an I/O read and 
memory write. The DMA controller can be programmed for an 
"extended" or "late" write, depending on the memory design. 


In "flyby" mode the DMA controller generates no I/O address, so 
the CPU has to preselect the data Input or Output Register. A DMA 
Acknowledge (DACK) enables MRD or MWR to control the data 
transfer. 


Figure 4.29 shows the DMA-DCP data transfer timing. When the DMA 
Controller has transferred one block of data, the data transfer 
has to be stopped until the DCP is ready for the next block 
transfer. The DCP makes the DMA Controller stop the transfer by 
deactivating MFLG. If MFLG is Low, data may be transferred; if 
MFLG is High, the DCP does not accept data transferred. The 
timing of the MFLG to DREQ path is the most critical in this 
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Figure 4.29. DMA-DCP Timing Diagram 
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application. If MFLG is deactivated too late, the DMA Controller 
will issue another data transfer which will be disregarded by the 
DCP. The critical signal path will be analyzed below. 


To prevent the DMA from issuing another cycle the Data Request 
input has to go inactive by the falling edge of the DMA clock at 
the end of cycle S3. The DMA controller samples the input at 
this time and instigates another cycle if the request is still 
active. The set-up time of DREQ is @ ns. The Master Port Flag 
which is connected to the DREQ input goes inactive in the 
eighth cycle with a maximum delay time of 158 ns after the 
Data Strobes. The Data Strobe itself has a maximum delay time 
of 198 ns (Am9517A-5) after the rising edge of the clock in cycle 
S9- That gives a time window of 375 ns of which 348 ns are 
already used for the two delays (198 ns + 158 ns). The 
propagation delay of a fast PAL device is 25 ns. This leaves 
18 ns for other delays in the signal path. 


The PAL design assumes that the system memory needs no Wait 
states. 


The peripheral logic at the Slave Port can use the Slave Port 


Flag (SFLG) to time the transfer. If SFLG is active Low, data can 
be written to or read from the data register. 
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PAL16R4 
DCPG@48 - 


Z88A—- AM9517(DMA)- AM9568 (DCP) INTERFAC 


ADVANCED MICRO DEVICES 


CLK1L CLK2 /CS /IOR /IOW AQ 

JOE J/MWR /MRD /Q1 /Q2 /Q3 

/MALE := /IOW+IOR+/CS+AQ+MALE 

Ql = CS*AG*IOR*/IOW*/Q2 + 
CS*AQ* IOW*/IOR*/Q3 + 
DACK* ILOR* /IOW* /Q2 + 
DAC K* IOW* /IOR*/Q3 

Q2 = CS*AG*IOR*/IOW*OL + 
CS*AG* IOR*/IOW*Q2 + 
DACK* IOR* /IOW*Q1 + 
DAC K* IOR* /IOW*Q2 

Q3 2:= CS*AG*IOW*/IOR*QOL + 
CS*AG* IOW*/IOR*Q2 + 
DACK* LOW* /IOR*Q1 + 
DACK* IOW* /IOR*Q2 

MRD = CS*AG*IOR*/IOW + 
DACK* IOR* /IOW + 
Q2 

MWR = CS*AQ*IOW*/IOR*/Q3 + 
DACK* IOW* /IOR* /Q3 

/CLK = CLK2 


FUNCTION TABLE 


/MFLG /DACK NC 
MALE 


v 


=e 


=e 


CLK 


PAL DESIGN SPECIFICATION 
JUERGEN STELBRINK 8-9-83 
E DEVICE 


GND 


NC CLK VCC 


MASTER PORT ADDRESS STROBE 


MASTER PORT READ 


MASTER PORT WRITE 


DCP CLOCK 


MALE /MRD /MWR /Q1 /Q2 /Q3 


CLK1 CLK2 /CS /IOR /IOW /DACK Ag 
; / 
7; Cc °C i, Ff 2D M / 
->L Lb / I I A c A M 
> K K CO OC A L GL R 
->1 2 SS RW K @ K E D 
> CLOCK GENERATION 
eb. 36 3 x x. & H xX xX 
X H X X X X X L xX Xx 
> ADDRESS LATCH 
Cc xX H H H HL Xx L 4H 
Cc X L H L HL X H 4H 
Cc X L H L HL X L H 
Cc xX H H H HL X L H 
- READ DATA | 
X X H H H H 4H X L H 
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X X GL LG HH H H X L GL H H H A 
Cc X L G H H 4H X L GL HH G HH H 
C X L L H H A X L L H Lb LL aH , CYCLE TW (EXTRA WAIT STATE) 
C X L L H H 4H X L LH H GL H ; CYCLE T3 
C xX H H H H 4H X L H H H H HA , CYCLE Tl 
X X H L H GL X X L GL HH H H H ; CYCLE S3 (DMA) 
C xX H L H GL X X L GLC AH GL H &H 
C X H L H GL X X L LG aH BL GL au ; CYCLE S4 
C X H H H H X X L H H H H HA ; CYCLE S2 
; WRITE DATA 
X X L H GL HAH HF Xx L H L H AH H ; CYCLE TW (CPU) 
C X L H GL H #H X L H LG GL AH &H 
C X L H GL H 4H Xx L H H GL HL ; CYCLE T3 
C X H H H H 4H X GL H H HAH H H ; CYCLE TL 
X X H H GL GL &H X L H G H A &H ; CYCLE S3 (DMA) 
C xX H H L LG H X L HH L G HH &H 
C X H H L L 4H X L H H GL FL ; CYCLE S4 
C X H H H H H X L HH H H H UA ; CYCLE S2 
7 
DESCRIPTION: 


THIS PAL GENERATES ALL NECESSARY BUS CONTROL SIGNALS, TO 
INTERFACE A Z8@A CPU AND A AM9517 DMA CONTROLLER TO THE AM9568 
DATA CIPHERING PROCESSOR. THE MAXIMUM SYSTEM CLOCK FOR ALL PARTS 
IS 4 MHZ. | 


1 INPUT AND 3 INPUT/ OUTPUT PINS ARE NOT USED. 


INPUT SIGNALS: 


CLK1, 
CLK2 


/CS 
/IOR 
/ LOW 


Ag 


/DACK 


Z8@ SYSTEM CLOCK 


CHIP SELECT FOR THE DCP, GENERATED BY A DECODER LOGIC 
INPUT/OUTPUT READ 
INPUT/OUTPUT WRITE 


LEAST SIGNIFICANT BIT OF THE Z8@ ADDRESS BUS TO SELECT 

THE TYPE OF OPERATION: 

Ag = LOW SELECT DCP REGISTER FOR NEXT DATA CYCLES 
(ADDRESS LATCH) 

A® = HIGH READ OR WRITE INTERNAL REGISTER 
(DATA TRANSFER TO CONTROL, MODE, INPUT OR 
OUTPUT REGISTER) 


DMA ACKNOWLEDGE FROM DMA CONTROLLER, TREATED AS /CS=LOW 
AND A@=HIGH 
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OUTPUT SIGNALS: 


CLK 


MALE 


/MRD 
/MWR 
/Ql, 


/Q2, 
/Q3 


INVERTED SYSTEM CLOCK FOR THE DCP 


MASTER PORT ADDRESS LATCH ENABLE, ACTIVE DURING ADDRESS 
LATCH CYCLES TO LATCH THE REGISTER ADDRESS ON MP1 AND MP2 
(2 LINES OF THE MASTER PORT BUS) AND THE STATE OF /MCS 
IN. THE DCP STORES INTERNALLY THE ADDRESS AND CHIP SELECT 
TO THE NEXT ADDRESS LATCH CYCLE 


MASTER PORT READ, TO ENABLE REGISTER READ OPERATIONS 

MASTER PORT WRITE, TO ENABLE REGISTER WRITE OPERATIONS 
INTERNAL USED STATE SIGNALS (DO NOT CONNECT). Q1 IS ACTIVE 2 
CLOCK CYCLES IN EACH DATA TRANSFER OR DMA ACKNOWLEDGE CYCLE. 
IT IS USED TO GENERATE THE DELAYED Q2 AND Q3. Q2 IS USED TO 


HOLD /MRD ACTIVE UNTIL /IOR IS GONE INACTIVE. Q3 MASKS /MWR 
OFF. 
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4.9. 8888 -—- DMA — AmZ8968 


This interface design is similar to that of the previous chapter. 
The differences are that the Am9568 is replaced by the AmZ8@68 
and the PAL device is reprogrammed for the 8888 CPU bus timing 
(READY). In this chapter, only the differences in the Z808-DMA-DCP 
interface are discussed. For additional information refer to 
Chapter 4.8. 


Figure 4.38 shows the CPU-DMA interface. The CPU is operating in 
Maximum Mode. The bus arbitration handshake of the DMA 
controller (HREQ and HACK) must be translated into the Bus 
Request/Grant handshake of the 8888 CPU, as described in the 
application note, "A Tested Design for the Evaluation of the 
Am9516 UDC in an 88086 Environment" published in the 
Am9516/AmZ8816* Technical Manual. 


If the CPU is programmed to operate in Minimum Mode, both devices 
have the same bus arbitration handshake. The HREQ and HACK of the 
DMA controller can be connected directly to the corresponding 
pins of the CPU (HREQ to HACK). 


The central part of this interface is a PAL device. The Chip 
Select 2 (Cg5) input of the PAL device must be stable during the 
entire I/O transfer. This is guaranteed by decoding CS5 from 


phe vatened address/data bus of the 8088 (Ag to Aj5 in Figure 


Master Port Read/Write is latched in the D-Flip-Flop. It is 
clocked in an output operation with Cs3 active. One of the data 
lines is latched in to define the status on the MR/W input. This 
is necessary because the DCP requires a set-up time of 198 ns of 
MR/W to the Data Strobe. Generation of MR/W for each cycle of a 
high-speed data transfer session of the DMA controller would 
extend each cycle and slow down the maximum throughput. This 
logic cannot be integrated into the PAL device because of 
the flip-flop's asynchronous clock. 


Before executing an access to the DCP the CPU must latch the 
MR/W. The transfer itself is evaluated in a two-cycle operation. 


Master Port Address Strobe (MAS) is only generated if the CPU 
executes an output instruction to a specific I/O address (CS 
active, Ag=Low) (Figure 4.31). Address Latch Enable of the CPU 
(ALE) cannot be used for the generation of MAS because the CPU 
must set up the DCP for data transfer before a DMA transfer 
session is started. The DCP is set up by putting out a 99; (data 
register address) to the I/O address mentioned above. 


Figures 4.32 and 4.33 show data read and write cycles. Figure 
4.34 shows DMA data read and writes cycles. 


*AmZ8016 is a trademark of Advanced Micro Devices, Inc. 
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Figure 4.30. 8088-Am9517-AmZ8068 Interface 
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Figure 4.32. Data Write Cycle Timing (CPU-DCP) 
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Figure 4.33. Data Read Cycle Timing 
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PALIL6R4 PAL DESIGN SPECIFICATION 
DCP@49 JUERGEN STELBRINK 8-12-83 
8088—- AM9517(DMA)- AMZ8@68(DCP) INTERFACE DEVICE 
ADVANCED MICRO DEVICES 
CLK1l CLK2 JCS J/IOR /IOW AQ RW /DACK NC GND 
JOE /MDS READY /Q1 /Q2 /Q3 /MAS NC CLK VCC 
MAS s= IOW* /IOR*CS*/AG*/Q3*/MAS ,; MASTER PORT ADDRESS STROBE 
Ql = CS*IOR*/IOW* RW* /Q2 + 
CS* IOW* /TOR* /RW*/Q3 + 
DACK* ILOR* /IOW* RW*/Q2 + 
DAC K*¥ IOW* /ITOR* /RW*/Q3 
Q2 = CS*IOR* /IOW*RW*QL + 
CS* IOR* /IOW* RW*Q2 + 
DACK* IOR* /IOW* RW*Q1L + 
DAC K* IOR* /IOW* RW*Q2 
Q3 := CS* IOW* /IOR* /RW*Q1 + 
CS* IOW* /IOR* /RW*Q2 + 
DACK* IOW* /IOR*/RW*Q1 + 
DAC K* IOW* /IOR* /RW*Q2 
MDS = CS*A@*IOR* /IOW* RW + > MASTER PORT READ 
DACK* IOR* /IOW* RW + 
Q2*Ad + 
CS*AQ* IOW* /IOR* /RW*/Q3+ ; MASTER PORT WRITE 
DACK* IOW* /IOR* /RW* /Q3 
/READY = CS*/AG* IOW*/IOR* /RW*/03+ , ADDRESS LATCH CYCLE 
CS*AG* IOW* /IOR*/RW*/03 + ; DATA WRITE CYCLE 
CS*AQ* IOR* /IOW* RW*/Q2 
/CLK = CLK2 * DCP CLOCK 


FUNCTION TABLE 


CLK1 CLK2 /CS /IOR /IOW /DACK A@ RW 


; / | 
7c. 2C / f D J. ff 
> L Lb / I I A Cc M M 
->K K C 0 OC A R L A D 
->1 2 S55 RW K @ W K s s 
; CLOCK GENERATION 

Xx Lx xX x x x x H x Xx 

X H X X X xX xX X L X 
* ADDRESS LATCH 

Cc xX H H H HL X H 4H 

Xx X LH L HL O X H 4H 

Cx th: > Ae 4 thd X L H 
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c xXx L HL HL SL X H H H L HSL 

Cc Xx H H H HL X H H H H H 4H 
; READ DATA 

X X H H H H H 4H X H H H H H B : CPU 

X xX L L H H H 4H X H L L H H H 

c x L BL H H H 4H Xx H LLL dH # 

c x L L H H H H X H L HL L 4H 

Cc X LL H H H 4H X H L H H L H 

C xX H H H H 4H 4H X H H H H H 4H 

X X H L H L X 4H X H L H H H 4H ; CYCLE $3 (DMA) 

Cc xX H L H L X H X H L H L H 4H 

Cc xX H L H L X 4H Xx H L H LL H > CYCLE S4 

Cc X H H H H X 4H X H H H H H 4H > CYCLE S2 
; WRITE DATA 

X X L HH L H H X H L L H H 4H > CPU 

c xX BL H LB H HL X H L LL L H H 

c xX L H L H #H OL X H H H L H GL 

Cc X H H H H 4H X H H H H H 4H 

X X H H L L HOG X H L H H H 4H ; CYCLE S3 (DMA) 

Cc X H H L LHL X H L H L HH H 

Cc xX H H L LHL X H H H L H OL > CYCLE S4 

Cc X H H H H #H L X H H H H H 4H > CYCLE $2 
> INVALID CYCLES 

X X L L BL H HH 4H X H H H H H 4H 

X X L BL H H HL X H H H H 4H 4H 

Xx xX L H L H H 4H X H H H H H 4H 


DESCRIPTION: 


THIS PAL GENERATES ALL NECESSARY BUS CONTROL SIGNALS, TO 
INTERFACE A 8088 CPU AND A AM9517 DMA CONTROLLER TO THE AMZ8068 
DATA CIPHERING PROCESSOR. THE MAXIMUM SYSTEM CLOCK FOR THE DMA 
CONTROLLER AND THE DCP IS 4 MHZ, THE SYSTEM CLOCK OF THE CPU CAN 
BE UP TO 8 MHZ. THE DEVICES ARE WORKING ASYNCHRONOUSLY. 


INPUT SIGNALS: 


CLK1l, DMA CLOCK 


CLK2 

/CS CHIP SELECT FOR THE DCP, GENERATED BY A DECODER LOGIC 
/IOR INPUT/ OUTPUT READ 

/IOW INPUT/ OUTPUT WRITE 

AG LEAST SIGNIFICANT BIT OF THE Z8@ ADDRESS BUS ae SELECT | 


THE TYPE OF OPERATION: 

AZ = LOW SELECT DCP REGISTER FOR NEXT DATA CYCLES 
(ADDRESS LATCH) 

A@ = HIGH READ OR WRITE INTERNAL REGISTER 
(DATA TRANSFER TO CONTROL, MODE, INPUT OR 
OUTPUT REGISTER) 
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DMA ACKNOWLEDGE FROM DMA CONTROLLER, TREATED AS /CS=LOW 
AND A9Q=HIGH 


READ/ WRITE SIGNAL STORED IN A EXTERNAL LATCH, TO ALLOW 
A DMA OPERATION WITHOUT WAIT STATES. THIS SOLVES THE 
PROBLEM OF THE SETUP TIME OF MR/W OF THE MASTER PORT TO 
MDS GOING ACTIVE. THE STATUS OF THIS SIGNAL MUST AGREE 
WITH /IOR OR /IOW OR THE PAL GENERATES NO STROBES. 


OUTPUT SIGNALS: 


CLK 


/MAS 


/MDS 


/Ql, 
/Q2, 
/Q3 


INVERTED DMA CLOCK FOR THE DCP 


MASTER PORT ADDRESS LATCH ENABLE, ACTIVE DURING ADDRESS 
LATCH CYCLES TO LATCH THE REGISTER ADDRESS ON MP1 AND MP2 
(2 LINES OF THE MASTER PORT BUS) AND THE STATE OF /MCS 
IN. THE DCP STORES INTERNALLY THE ADDRESS AND CHIP PEEEGs 
TO THE NEXT ADDRESS LATCH CYCLE 


MASTER. PORT DATA STROBE, TO TIME DCP DATA TRANSFERS 


INTERNAL USED STATE SIGNALS (DO NOT CONNECT). Q1 IS ACTIVE 2 
CLOCK CYCLES IN ALL CYCLES. IT IS USED TO GENERATE THE DELAYED 
Q2 AND Q3. Q2 IS ACTIVE IN A DATA READ CYCLE. IT ALLOWS /MDS 
TO BE ACTIVE UNTIL /IOR HAS GONE INACTIVE. Q3 IS ACTIVE IN AN 
ADDRESS LATCH OR DATA WRITE CYCLE. Q3 DISABLES READY AND /MDS 
IN THE SECOND HALF OF THE CYCLE. 
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4.19. iSBX BUS -— Am9568 


The iSBX board described below adds high-speed data ciphering 
capability to a Multibus-based system. This iSBX board can be 
plugged into any Multibus board with an iSBX connector. The iSBX 
bus timing and bus’ signals are described in the "“iSBX Bus. 
Specification" (see Literature List). 


The Master Port of the DCP is interfaced to the iSBX bus. The 
multiplexed address/data bus of the DCP is simulated in a two- 
cycle operation. 


The interface timing controller, a PAL device, generates the 
address and data strobes for the DCP and the Wait signal for the 
host CPU. 


The Auxiliary Port enhances the security of the system by 
preventing a CPU access to the keys. The keys can be loaded from 
a small bipolar PROM or from a device connected to the Key 
Connector. This device can be an optical or magnetic key reader. 


The Key Connector provides two power supply lines for the 
external device, Ground and +5 V. Two address buses (a 3-bit 
encoded bus (Ag to .A2) and an 8-bit decoded bus (0g to 07)) 
select one of the eight key bytes (Figure 4.35). The user can 
choose one of these two address buses. At any time, only one of 
the eight lines of the decoded bus (0g to 07) 1S active Low. 
Eight input lines (Ig to I7) carry the key byte to the Auxiliary 
Port. Pull-up resistors force the data lines High if no device 
is connected to the Key Connector. 


The ciphering throughput of this particular design is limited by 
the iSBX bus byte transfer capability. In the single-port 
operation mode chosen, the maximum throughput is about 209 
kBytes/s, high enough even for speech ciphering applications. The 
throughput can be doubled if the interface design is changed to 
allow dual-port operation. 


The two-cycle operation mode is chosen in this interface design 
because it allows a faster ciphering speed and needs less 
interface logic. The whole interface logic fits into one PAL 
device. The disadvantage of this approach is software overhead 
for initializing the device. Under software control two types 
of cycles are generated, an Address Latch Cycle and a data 
transfer cycle. | 


The address latch cycle is started by an output operation of 
the CPU to aneven I/O address which selects this iSBX board. 
The internal DCP register address to be accessed by the CPU is 
transferred via the Master Port data bus. MP] and MP2 carry the 
relevant address information. In this cycle only MALE is 
generated. | 
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_ Figure 4.37. Data Write Cycle (MA g = High) 
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A data transfer cycle is executed in an output operation to an 
odd address. The transfer is made from or to the register that 
was selected in the previous Address Latch Cycle. 


This approach is faster than simulating a multiplexed bus because 
a Master Port Address Latch Enable (MALE) need not be generated 
in a high-speed data transfer session. The data register address 
is latched in the chip by an Address Latch Cycle at the beginning 
of the session. The data session itself has no address latch 
overhead. 


Address Latch Cycle 


The Master Port Address Latch Enable (MALE) latches the state of 
Master Port Chip Select (MCS) and the internal register address 


on MP, and MP2. Subsequent data cycles use this 2-bit address. 


The PAL device starts generating an Address Latch Cycle if the 
iSBX signals indicate a CPU output operation to an even port 
address. IOWRT (I/O write command) and MCsg (M Chip Select @) are 
active, MAg (M Address @) is Low and MCS] is inactive. 


The portion of the PAL device generating MALE operates as a 
state machine. MALE is set at the first falling edge of CLK, when 
MCSg and IOWRT are active. The next falling edge resets MALE and 


sets the internal state variable Q which inhibits MALE from 
being set again. 


MWAIT inserts CPU Wait states until the register address is 
latched onthe falling edge of MALE. The rest of the cycle is 
unavoidable overhead because the iSBX bus timing specifies no 
minimum delay time between MWAIT inactive and the end of the I/0 
cycle. If MCS glitches, MWAIT also glitches. The delay is less 
than 35 ns, which meets the iSBX timing specification. Q removes 
MWAIT, after MALE became inactive. 


Figure 4.36 illustrates an Address Latch Cycle. 

Data Write Cycle 

The CPU can write commands, data or keys to the previously 
selected internal register. Data is latched with the rising edge 
of Master Port Write (MWR). 

The generation of MWR is similar to that of MALE. The difference 
is that an output operation to an even address (MAg=High) 
initiates the state machine of the PAL device. The pulse width 
of MWR is one clock cycle. 

MWR 1s synchronous to the falling edge of the clock (CLK) to 
meet the critical timing parameter 45 of the Am9568 product 
specification. 


Figure 4.37 illustrates a Data Write Cycle. 
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Figure 4.39. Auxiliary Port Key Load Timing 
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Data Read Cycle 


A data read cycle is initiated when MCSg and IORD are active, 
MAg is High and MCS} is inactive. The CPU then can read the 
addressed internal register. 





MCSg causes MWAIT to be asserted Low in order to extend the 
cycle. MWAIT guarantees a minimum of one clock access time to 
the DCP register (min. 258 ns at 4-MHzZz DCP clock). This 
Satisfies timing parameter 49 (208 ns_ minimum). The CPU can 
latch the data bus any time between MWAIT and IORD becoming 
inactive. The data on the DCP data bus is valid until the 
first falling edge. of CLK after IORD becomes inactive. MRD 
changes to High synchronous with that edge to satisfy timing 
parameter 45 (@ to 3@ ns). 


The iSBX bus timing specifies that the data bus has to be 
floating within 15@ ns after MCS inactive. To satisfy this 
parameter and to prevent data bus contention in the end of a data 
read cycle, the data bus transceiver U2 in Figure 4.35 
disconnects the DCP data bus from the CPU data bus. Two NOR 
gates (74LS@2) combine MCS and MRD, to generate the receive 
control signal for U2. 


Figure 4.38 illustrates a data read cycle. 
Key Load Logic 


The DCP has three keys stored on the chip: one key for 
encryption, one key for decryption, and a Master Key. Each of 
these 56-bit keys can be loaded through either the Master 
Port or the Auxiliary Port. The keys are transferred in eight 
cycles, one byte at a time. Note that the least significant bit 
of each byte is a parity bit for odd parity ((8 - 1) * 8 = 56). 


This application note offers two methods of loading the keys 
through the Auxiliary Port: 


- A 32 * 8-bit PROM can hold one key, either the Master Key or 
one key used for both encryption and decryption. 


- A wide variety of devices from a simple 8 by 8 jumper matrix to 
an advanced card reader can be plugged into the Key, Connector. 
Software compensates the speed of the device. 


Sequencer U4, a 74LS161 4-bit up counter, generates a 3-bit 
address sequence for the Master Key PROM U6 and the _ Key 
Connector. The least significant bit of the sequencer is wired to 
the Auxiliary Port Strobe input ASTB of the DCP. 





The two sequencer control signals, ACLR and CP, are controlled 
by software. 
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The Asynchronous Clear input CLEAR initializes U4 with outputs A 
to D Low. The first key byte is addressed. Ripple Carry output 
RCO is inactive High. 


The first pulse on the clock input CK produces arising edge at 
ASTB to strobe in the first key byte. The rising edge of ASTB is 
synchronous to the clock CLK to satisfy timing parameter 62 (@ 
to 5@ ns). The software controlled delay time between ACLR and CP 
or between the following CPs allows interfacing to any external 
key device. In the case of reading from the Master Key PROM, no 
software Wait loop is required because the access time of this 
PROM meets any CP sequence. 





The acknowledge input ACK can be pulled Low by the Key Load 
Device to signal the CPU that the key byte at the Auxiliary Port 
is valid. The PAL device transfers the state of this input to 
the iSBX data bus line 8 during an I/O read operation with MCSj 
active. 


The second pulse on CP increments the address output of the 
sequencer. The delay time between the first and second pulse 
satisfies the data hold time requirement of 8@ ns (timing 
parameter 65) of the Auxiliary Port. 


A sequence of 15 pulses on CP transfers all 8 bytes of the key 
into the DCP. After the 15th pulse RCO becomes active to disable 
further key strobes (ASTB). 





The 3 to 8 line decoder U5 creates a decoded address for the Key 
Connector. 


Figure 4.39 illustrates the key load sequence. 
The PAL Device 


The interface timing circuit, a PAL device, iS programmed to 
generate: Four control signals for the DCP (CLK, MALE, MRD and 
MWR), the Wait signal for the CPU, and the ACLR and CP to control 
the key load logic. 


The PAL device used in this application note is an AmPAL16R6 
device. It has eight inputs and eight outputs. Two outputs are 
combinatorial, six are registered. The input Output Enable OE is 
wired Low to enable all outputs. 


CLK and MWAIT are combinatorial outputs of the PAL device. MWAIT 
must be a combinatorial output to meet the timing relationship to 
MCS as specified in the iSBX specification (see the paragraph 
"Address Latch Cycle"). 


The other outputs -- MAS, MRD, MWR, QO, CP and ACLR -- are 
registered outputs. They are synchronous to the rising edge of 
the CLK1l input and, therefore, to the falling edge of the 
CLK output. 
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The ACLR is strobed Low when executing an output operation to an 
even I/O address with MCS, active. 


The CP is strobed low when executing an output operationto an 
odd address with MCS) active. The loading of keys is software- 
controlled so that a wide variety of devices can be plugged into 
the Key Connector. 


125 


Chapter 4 


PAL16R6 PAL DESIGN SPECIFICATION 
DCPG418 JUERGEN STELBRINK 6/28/83 
ISBX- BUS TO AM9568 INTERFACE DEVICE 

ADVANCED MICRO DEVICES 


CLK /ACK /MCS® /MCS1 /IORD /IOWRT MAG NC NC GND 
JOE /MWAIT /ACLR CP /MWR  /MRD MALE /Q MD7 vcc 
MWAIT = MCS@*/MCS1*/Q 
Q := MCS@*/MCS1*/MAG* IOWRT*MALE*/Q + > ADDRESS LATCH 
MCS@* /MCS1*MAG* IOWRT*MWR* /Q + > WRITE DATA 
MCS@* /MCS1*MA@* IORD*MRD*/Q + > READ DATA 
MCS@* /MCS1*Q 
/MALE := /MCS8+MCS1+MAQ+/IOWRT+MALE+Q 
MWR <=  MCS@*/MCS1*MAQ* IOWRT* /MWR*/Q 
MRD s= MCS@*/MCS1*MAQ*IORD 
IF (/MCS@*MCS1*IORD) /MD7 = ACK 
/CP := /MCSO*MCS1*MAQ*IOWRT 
ACLR := /MCS@*MCS1*/MAG@* IOWRT 
FUNCTION TABLE 
CLK /ACK /MCS@ /MCS1 /IORD /IOWRT MAQ@ 
MD7 MALE /MRD /MWR /MWAIT /Q CP /ACLR 
; / 7. 
; f ff F M J 
: J M M I O M / / W A 
-C Acco w mM M AM M A G 
->L Cc s§s § R RA D LRWé#I#/eiu 
-K K @ 1ODsT @ 7 E D R T Q P R COMMENT 
Cc X H H H HL Z GL H H H H 4H 4H > ADDRESS LATCH 
H X L H H H OL Z bL H H L H H 4H 
CSE ih. OM OB Ee. 7G Z H H H L H H 4H 
c xXx L H HL 27 GL H H H “L H H 
c xX L H H LL 27 Lb H H H GL H 4H 
Cc X H H H H LI 2 CL H H H H H H 
; 
Cc X L H H LH Z L H L L H H H-¢ DATA WRITE 
c X Lh H H L # Z GL H H H L H H 
Cc xXx L H H L H Z L H H H “GL H H 
Cc X H H H H 4H 7 DL H H H H H 4H 
; 
c X L H L H H Z L GL H L H H H_ 3 DATA READ 
c X L H LH B Z LoL HH L HH 
Cc X L H L HH Z L b&b HH GL H H 
Cc X H H H H 4H 7 L H H H H H 4H 
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L OL Z bL H HH H H H GL | RESET COUNTER 

H L Z G&G H H H H HAH HA 

L 4H Z GG HH H H H GB AH 3 CLOCK COUNTER 

H 4H 2 lL H H H HAH HAH HA 

H X L G&G H H H H H HH 3 ACKNOWLEDGE READ 
H xX H GL H H H H H HA 


TO INTERFACE THE 


AM9568 (DCP) TO ISBX— BUS. 


INPUTS: 
CLK 


/MCS@ 


/MCS1 


/TORD 
/IOWRT 
MAQ 


/ ACK 


OUTPUTS: 
/MWAIT 
/MRD 
/MWR 
MALE 
MD7 

CP 


/ACLR 


4 MHZ DCP CLOCK 


CHIP SELECT 
LOW ADDRESS LATCH CYCLE 
HIGH DATA TRANSFER CYCLE 


DCP 
MAG 
MAG 


KEY COUNTER SELECT 


WRITE: MAM = LOW COUNTER RESET 
MAG = HIGH COUNTER STROBE (8 TIMES 2 STROBES, 
TO LOAD THE 8 KEY- BYTES 
READ : PUT STATE OF ACKNOWLEDGE INPUT TO MD7 


INPUT/ OUTPUT READ 
INPUT/ OUTPUT WRITE 
ADDRESS LINE @ 


ACKNOWLEDGE SIGNAL FROM EXTERNAL KEY LOAD DEVICE 


WAIT SIGNAL TO THE CPU, TO EXPAND THE IO TRANSFER 


MASTER PORT READ 
MASTER PORT WRITE 
MASTER PORT ADDRESS LATCH ENABLE 
MASTER PORT DATA LINE 7 
CLOCK PULSE FOR THE KEY ADDRESS COUNTER 


RESET KEY ADDRESS COUNTER 
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Testing 


The DCP iSBX board was tested in a CP/M 86 system. It was hooked 
up to the Module 2 connector of an AMD iSBX Motherboard (PWA 
989520014). This Motherboard has to be configured for byte 
mode with the Module 2 addresses from 9@ to 9Fy, in order to run 
the test program without any changes. Therefore, jumper HDR1 is 
removed and HDR2 is installed. Jumpers 1-2 and 11-12 are 
installed. 


The test program is written in 89086 Assembly Language. The 
structure of the program is described below. 


It programs the DCP for ECB (Electronic Code _ Book) encryption 
mode and single-port operation by loading 18, into the Mode 
Register. Then 8 bytes of encryption key are put in and one block 
is ciphered. The 8 result bytes are stored at location "CIPHER". 


The result should be: 954,A8y,/D7y,28y/13y,DAy,A9y and 4Dy. 


Writing a 9ly, to the Command Register sets the DCP up for key 
input through the Auxiliary Port. A following Status Register 
read should show a 44,: Command Pending and Auxiliary Port Flag 
(AFLG) are active. 


The instruction "OUT ACLR,AL" initializes the key load logic. The 
loop LAB1l sends 16 strobes to the sequencer to strobe in 
encryption key (Figure 4.39). If all the key bytes do not have 
odd parity, the LPAR flag in the Status Register is set. 
If everything is correct after strobing the key in, the Status 
Register will contain O94. 


The start command C@y, sets the Start/Stop bit of the Status 
Register and sets the device up for a data encryption session. 
Loop2 loads 8 bytes of plain data into the Input Register. When 
this block is loaded, a Status Register read will show 83,4: 
Start/Stop is active, the input flag is active to indicate 
that more blocks of data can be put in, and the output flag is 
active to indicate that data can be read out. 


Loop3 reads one block of cipher data out of the Output Register 
and transfers it to the memory location "CIPHER". 


A following status read shows that the output flag is inactive 
indicating the Output Register is empty. 


The Stop command E@, terminates the ciphering session; all bits 
of the Status Register are reset. 
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ASM86 VER 1.9 


SOURCE: 


TESTISBX.A86 


JUERGEN STELBRINK 


6/13/83 


ADVANCED MICRO DEVICES 


9568 INTERFACE TO THE ISBX-BUS TEST PROGRAM 


(KEY LOAD THROUGH AUXILLARY PORT) 


8098 
8891 
8898 
8899 


8BBG 
GGG2 
8986 


8180 
G182 
8104 
8186 


8188 
G1GA 
B1BC 
G1GE 


8119 


8112 
0114 
8117 
8119 


G11B 


G11D 
O11F 
g121 


9123 
8125 


8127 
612A 
812D 
G12F 
8131 
0136 
8138 
8139 


813B 
813D 


BB 
B9 


E6 
2E 
E6 
43 
E@ 


Bo 


GO 
08 


98 
8A 
91 
F6 


G2 
99 


ORG 16@H 
ASTROBE EQU 
DSTROBE EQU 
ACLR EQU 
CP EQU 


DATA 
CONTROL 
MODE 


EQU 
EQU 
EQU 


MOV 
OUT 
MOV 
OUT 


MOV 
OUT 
MOV 
OUT 


IN 


OUT 
i) MOV 
LAB1: OUT 

LOOPNZ 


IN 


MOV 
OUT 
IN 


MOV 
OUT 


0) MOV 
04) MOV 
MOV 
OUT 
MOV 
OUT 
INC 
LOOPNZ 


87 6A G1 LAB2: 


MOV 
OUT 


OH 
82H 
86H 


AL,MODE 
ASTROBE,AL 
AL,18H 
DSTROBE,AL 


AL,CONTROL 
ASTROBE,AL 
AL,91H 

DSTROBE,AL 


AL,DSTROBE 


ACLR,AL 
Cx,16 
CP,AL 
LAB1 


AL,DSTROBE 


AL,CONTROL 
ASTROBE,AL 
AL,DSTROBE 


AL,@C@GH 
DSTROBE,AL 


BX ,@ 

CX,8 
AL,DATA 
ASTROBE,AL 


AL,CS:CLEAR [BX] 


DSTROBE, AL 
BX 
LAB2 


AL,CONTROL 
ASTROBE,AL 
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=e 


we =e 


ue we MO 


4 


=e 


ADDRESS STROBE (EVEN ADDRESS) 
DATA STROBE (ODD ADDRESS) 
RESET LOAD KEY LOGIC 
1.OUTPUT: LOAD KEY 

2. OUTPUT: INCREMENT ADDRESS 


DEFINE MODE: MASTER ONLY, ECB, ENCRYPTION 


LOAD CLEAR E KEY THROUGH AUX PORT 


READ STATUS REGISTER (AL=44H) 


DUMMY OUTPUT, TO RESET KEY LOAD LOGIC 


16 CLOCKS 
DUMMY OUTPUT 


READ STATUS REGISTER (AL=@@H) 
LATCH CONTROL REGISTER ADDRESS 
READ STATUS REGISTER (AL=81H) 


ENTER START COMMAND 


LATCH DATA REGISTER ADDRESS 


WRITE 1 BLOCK DATA TO INPUT REGISTER 


LATCH CONTROL REGISTER ADDRESS 


ASM86 VER 


G13F 


8141 
0144 
8147 
6149 
814B 
@14D 
6152 
8153 


@155 
8157 
8159 


815B 
815D 


O15F 
8161 
8162 
G16A 


8172 


END OF 


E4 


BB 
B9 
B@ 
E6 
E4 
2E 
43 
E@ 


BO 
E6 
E4 


BG 
E6 


E4 
CB 
8G 
G1 


GO 
8B 


1.0 


F6 
G2 
96 
91 


E@ 
91 


91 


G1 


8B 
8G 


SOURCE: TESTISBX.A86 


h) 
BO 


LAB3: 
87 72 61 


G1 @1 @1 @1 KEY 
88 898 G68 BG CLEAR 


CIPHER 


IN 


MOV 
MOV 
MOV 
OUT 

IN 
MOV 
INC 
LOOPNZ 


MOV 
OUT 
IN 


MOV 
OUT 


IN 


RETF 


DB 


DB 


RB 


END 


ASSEMBLY. NUMBER OF ERRORS: 4) 


AL,DSTROBE 


=e 


BX,@ 

CX,8 

AL,DATA 
ASTROBE,AL 
AL,DSTROBE 
CS:CIPHER[BX] ,AL 
BX 

LAB3 


=e 


AL,CONTROL 
ASTROBE,AL 
AL,DSTROBE 


=e 


=e 


AL, @EGH 
DSTROBE,AL 


=e 


-AL,DSTROBE ; 


; 
80H,1,1,1,1,1,1,1 
8,0,0,9,8,0,0,8 


8 
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READ STATUS REGISTER (AL=83H) 


LATCH DATA REGISTER ADDRESS 


; READ 1 BLOCK DATA FROM OUTPUT REGISTEF 


LATCH CONTROL REGISTER ADDRESS 


READ STATUS REGISTER (AL=81H) 


ENTER STOP COMMAND 
READ STATUS REGISTER (AL=@@H) 


INTERSEGMENT RETURN 


Chapter 4 
4.11. 8051 — Am9518/AmZ8968 


The 8831/8051/8751 Single-Component 8-Bit Microcomputer family 
can eaSily be interfaced to the DCP. Both devices together with 
TTL logic can form a stand-alone data ciphering system for low- 
to medium-speed data communication networks. Clear and ciphered 
data is handled serially with a programmable handshake protocol. 


Using the Am9568 eliminates the need of Port 1.x to control 
Master Port Read/Write. RD and WR can directly be connected to 
the corresponding inputs of the DCP (MRD and MWR). ALE does not 
have to be inverted when connected to MALE. 


Figure 4.48 shows the 8@51-DCP interface. The 80851 must be 
programmed so that Port @ provides a multiplexed address/data 
bus. Port @ is connected to the Master Port of the DCP. 


RD and WR are logically ORed to generate the Master Port Data 
Strobe. Port 1.x controls the Master Port Read/write input 
(MR/W). This satisfies the set-up time requirement of MR/W to 
MDS. 


Master Port Chip Select can be tied Low if it is guaranteed that 
RD or WR only become active ina DCP access cycle. Otherwise it 
must be generated by an address decoder. 


Clock Divider 


The DCP clock divider logic as shown in Figure 4.48 divides the 
CPU clock by four or six depending on the type of instruction 
the CPU executes (See the timing diagram in Figure 4.41). If the 
CPU generates an ALE every sixth clock, the CPU clock is divided 
by six. This is the normal case. The speed calculation of the 
DCP should be done for this clock rate. If the CPU executes 
"MOVX" instructions, every second ALE is left out and the divide 
factor is four. For both cases the minimum DCP clock High or Low 
width is two CPU clock periods which guarantees that even a CPU 
clock of 12 MHz satisfies the minimum clock requirement for the 
Am9518 as well as the AmZ8068. 


The AmZ8@68 gives a wider range for the Data Strobe to RD or WR 
delay. The typical value for the 8851 at room temperature with a 
full load at these outputs is 5@ ns. 


At a CPU clock rate of 18 MHz, this timing requirement is 9@ to 
1898 ns (two clocks minus 1@0@ ns) for the Am9518 and @ to 135 ns 
(two clocks minus 65 ns) for the AmZ8@68 at a CPU clock rate of 
1@ MHz. 


Programming 
Port 1.x must be High for a read access and Low for a write 


access. Data is transferred using a "MOVX @Ri,A" or "MOVX 
A,@Ri" instruction. Ri is register Rg or Rj. Only this 
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Figure 4.41. 8051-DCP Timing Diagram 
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instruction generates the interface timing needed for the DCP. 
The internal register address is loaded into Rn before 
executing this instruction. 


GO - Data Input or Output Register 
G2 - Command or Status Register 
G6 - Mode Register 


The Flags can be monitored by two input pins of the CPU, Port l.y 
and 1.z. One Flag corresponds to the status of the Input 
Register, the other one to the status of the Output Register. 
They become active Low if the CPU can perform a data transfer. 
For details refer to Chapter 3.1. 


In high-speed data ciphering applications, it might be too time 
consuming to toggle Port 1.x (MR/W). The toggling can be avoided 
by choosing the dual port configuration of the DCP. Both the 
Master and Slave Port are connected to Port @ of the CPU. During 
the data ciphering session, one port operates as the data input 
port, the other port operates as the data output port. This 
means that during the whole session, the data flow direction does 
not have to be turned around; MR/W can stay Low or High for the 
whole session. MCS and SCS select the appropriate port. 
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Figure 4.42. Network Transmitter 
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4.12. HIGH SPEED SERIAL DATA CIPHERING IN NETWORK SYSTEMS 


This chapter discusses the use of the data encryption chip 
(Am9518/AmZ89068) in local area networks. In some of these 
applications, it is desirable to use encryption as an option to 
an existing system. When this happens, the option board may have 
to take serial data from the former network driver and reprocess 
the data to transmit and receive cipher test. The following 
discussion should shed some light on a practical approach to this 
problem. 


First, the system must meet the required level of security. This 
is a system philosophy problem related to the handling of keys, 
CRC generation, and system partitioning. Secondly, data must 
meet transmission requirements such as continuous transmission of 
data, non-block size packet length, and transparency. The second 
requirement, which is the concern of this note, is a hardware 
configuration problem. 


The DCP (Am9518/AmZ8086) can be configured to cipher data at up 
to 14.2 Mbits/s. This can be accomplished by using the device in 
Direct Control Mode with a feedback path between the output port 
of the unit and its input port. The DCP may be looked upon as a 
three stage system: the input buffer, the output buffer and the 
algorithm unit. The DCP handles data in 64-bit (ECB and CBC) or 
8-bit (CFB) blocks. Between block transfers the system has to 
provide a recovery time of five clocks to allow the DCP to update 
its internal flags. External Buffers smooth this discontinuous 
data flow to provide a continuous data flow onto the network (see 
Figures 4.42 and 4.43). 


The system may be looked upon as a closed system in which the 
number of bytes in the system remain constant. Therefore, if 
nine bytes are rotated, the system would be initialized with 
eight bytes in the output buffer and one in the input buffer. At 
some time there would be eight bytes in the input buffer ready to 
move into the algorithm unit and one byte in the output buffer 
ready to be loaded into the P/S-XOR-S/P feedback circuit. 
Operation on the data will take eight network clocks. The data 
moving through the algorithm unit will take 23 DCP clocks (5.75 
microseconds for the 4-MHz 8886). This would allow a frequency of 
1.39 MHz for the network clock. If 1@ bytes were allowed to 
circulate in the system, one byte would still be available in the 
output buffer while one was being shifted through the feedback 
circuit, and a block was being processed in the algorithm unit. 
This would allow 16 network clocks to transpire during the 5.75 
microseconds that data moved through the algorithm unit. This 
would allowa network clock of 2.78 MHz. 


This reasoning holds until the data must be stored in an external 
buffer during the flag inactive period of the input and output 
DCP buffers. The inactive period is five DCP clocks of 1.25 
microseconds for the 4-MHzZ AmZ8@68. This happens when the 
network clock is 6.4 MHz. At this rate additional buffering, 
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Figure 4.44. Maximum Network Clock as a Function of the Number of 
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Figure 4.45. Bidirectional Interface, Transmit Mode 
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external to the DCP, is required. This would allow data to be 
stored in the external buffer while data is transferred from the 
algorithm unit to the output buffer on the output port, or from 
the external input buffer to the input buffer on the input port, 
while data from the input buffer is being transferred to the 
algorithm unit. The foregoing analysis holds up to 11 MHz (See 
Figure 4.44). 


To operate at the maximum frequency of 1.78 Mbytes/s, or 14.2 
Mbits/s, three additional initialization bytes must be added to 
the system, making a total of 19 bytes. This scheme is based on 
pipelining scheme A: minimum timing operation. The idea is to 
have enough data in the system to allow transfers through the 
algorithm unit in 18 DCP clocks. During the time data is being 
moved to or from the algorithm unit (1.25 microseconds) the 
external buffers must store 18 bits. This would require two 
registers in addition to the feedback circuit. 


The maximum number of bytes that can be used to initialize the 
DCP results from the need to minimize buffering while providing 
continuous data to the network. During the period when the DCP 
is in a lockout phase, there are 16 bytes in the DCP and the 
remaining number of bytes reside in the external buffers. This 
would correspond to a condition in which the output buffer has 
just been emptied and the algorithm unit and input buffer are 
ful. The lockout period takes five DCP clocks or 1.25 
microseconds. During this time, 18 bits must be transferred in 
order to meet network requirements. This requires that three 
buffer locations be available. Since there are six to begin, 
only 3 bytes can be stored externally; therefore, the maximum 
number of initialization bytes allowed would be 19. 


Figures 4.45, 4.46, and 4.47 show a block diagram of a system 
that will handle data from the bus or network side of the board. 
The controller must be able to handle some of the link functions. 
In particular, it must be able to respond to clear text or cipher 
text on a real-time basis. It must synchronize data transfers 
between the DCP, the buffers and the host or network buses, and 
initialize the DCP. Data is most rapidly transferred in Direct 
Control Mode; however, the DCP must also be able to manipulate 
keys and Initial Vectors. This requires switching to Multiplexed 
Control Mode, as these functions are not supported in Direct 
Control Mode. It must also be able to set the DCP to ECB, CBC, 
or CFB encrypt or decrypt modes. Because the cipher text may 
inadvertently contain control characters, it must be deciphered 
before it is decoded or the system must be operated in 
Transparent Mode. In addition to the normal transmission 
characters, it is usually desirable to add a message number or 
date stamp to the front of the cucu Rec? data and include the 
destination address. 


The initialization time required would be at least 31 clocks 
x @.25 microseconds/clock or 7.75 microseconds. This could be 
done during the clock time when the network is recovering from 
the previous transmission. | 
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The previous information has discussed the possibility of using 
the DCP in a link application in which only serial data is 
transferred between the host and network. We have found that the 
DCP can run at its maximum transfer rate by adjusting the 
initialization data and the amount of external buffering. We 
have also looked at some of the requirements for the controller 
in a secure network environment. We can conclude that the DCP 
may be used effectively in a link application at rates up to 
14.2 MHz. 
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APPENDIX A. Electronic Codebook (ECB) Test Data 


CAMEOS cate ec ROVER? hE Eiger ae 


E-Key = D-Key = @123456789ABCDEF 
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Encryption: 

Time Plain Text Cipher Text 
1 466F772069732074 3FA4Q0E8A984D4815 
2 68652074696B65290 6A271787AB8883F9 
3 666F7220616C6C29 893D51EC4B563B53 

Decryption: 

Time Cipher Text Plain Text 
1 3FA4Q0E8A984D4815 4AE6F7728069732074 
2 6A271787AB8883F9 68652074696B6529 
c' 893D51EC4B563B53 666F7220616C6C2G 


The plain text is the ASCII code for "Now is the Time for all..." 
These seven-bit characters are written in the hexadecimal 
notation (8,b6,b5,b4,b3,b2,b1,b@). 


Appendix B 


APPENDIX B. Cipher Block Chaining (CBC) Test Data 





E-Key = D-Key = 9123456789ABCDEF 

IVE = IVD = 912345678 9ABCDEF 

Encryption: 

Time Plain Text Cipher Text 
1 4E6F772069732074 E5C7CDDE87 2BF27C 
2 68652074696D6520 43E934008C389COF 
3 666F7220616C6C28 68378849 9A7CO5F6 

Decryption: 

Time Cipher Text Plain Text 

1 E5C7CDDE872BF27C 4E6F772969732074 
2 43E934008C389COF 68652074696D6529 
3 683788499A7CO5F6 666F7220616C6C29 


The plain text is the ASCII code for "Now is the Time for all..." 
These seven-bit characters are written in the hexadecimal 
notation (@,b6,b5,b4,b3,b2,b1,b@). 
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(CFB) Test Data 


E-Key = D-Key = 9012345678 9ABCDEF 

IVE = IVD = §123456789ABCDEF 

Encryption: 

Time Plain Text DES Input (IVE) DES Output Cipher Text 
1 4E 123456789@ABCDEF BD66156 9AE874E25 4E+BD = F3 
2 6F 34567898ABCDEFF3 7039546F9AGF633G 6F+70 = 1F 
3 77 567898ABCDEFF31F AD1B7 8B@BB371BE7 77+AD = DA 

Decryption: 

Time Cipher Text DES Input (IVD) DES Output Plain Text 
1 F3 123456789@ABCDEF BD66156 9AE874E25 F3+BD = 4E 
2 1F 3456789@ABCDEFF3 7839546F9AGF633¢ 1F+7@0 = 6F 
3 DA 56789 @ABCDEFF31F AD1B78B9BB371BE7 DA+tAD = 77 

The plain text is the ASCII code for "Now is the Time for all..." 

These seven-bit characters are written in the hexadecimal 


notation (@,b6,b5, 


function. 








b4,b3,b2,b1,b@). 
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Appendix D 


National Burean of Standards 


DATA ENCRYPTION STANDARD (DES) 
VALIDATION CERTIFICATE 


The National Bureau of Standards has tested the encryption device identified as 


AmZ8068 (also known as Am9518) and manufactured by 


Advanced Micro Devices, Inc. in accordance 





with the specifications of the Data Encryption Standard (Federal Information 
Processing Standard 46) and in accordance with the procedures specified in NBS 


Special Publication 500-20. 


The device has passed the DES test and in addition has passed a Monte Carlo test 


that lasted four million iterations. For the Monte Carlo test the initial value of the key 


was __SB1038B367D980E5 and the initial value of the input 
was _O/3F292FBOBC2DDE Cs Thee final value of the key 
was __B9234507D31AQ7AD sand the final value of the Output was 


was — BS99E74AF567496A | 

Devices bearing the same identification and manufactured to the same design 
specifications may be labeled as complying with the Data Encryption Standard. No 
reliability test has been performed and no warranty of the devices by the National 


Bureau of Standards is either expressed or implied. 


i, \ ge / 
‘An / 
QSq fen (FS! 4 ve a 
Date S. Jéffery,-Dijrect 


Center for Programming 

Science and Technology 
Institute for Computer Sciences 
and Technology 
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National Bureau of Standards 


DATA ENCRYPTION STANDARD (DES) 
VALIDATION CERTIFICATE 


The National Bureau of Standards has tested the encryption device identified as 


AM 9568 and manufactured by 


Advanced Micro Devices Inc. in accordance 
with the specifications of the Data Encryption Standard (Federal Information 


Processing Standard 46) and in accordance with the procedures specified in NBS 


Special Publication 500-20. 


The device has passed the DES test and in addition has passed a Monte Carlo test 


that lasted four million iterations. For the Monte Carlo test the initial value of the key 


was _9DFE6DD3457A9D and the initial value of the input 
was _3F98477A85B300FD CC. Thee final value of the key 


was _FB8929CE83A2737C and the final value of the output was 


was _404CB50060AE6CO04 

Devices bearing the same identification and manufactured to the same design 
specifications may be labeled as complying with the Data Encryption Standard. No 
reliability test has been performed and no warranty of the devices by the National 


Bureau of Standards is either expressed or implied. 


February 28, 1984 
Date 
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[ RRRRRKRRKE KEKE RRR RE KK KERR KERR ERE KER RE EKRKE RK KER ERK KRERERKRKEKKRKRKEKRERKKEKKEKKEKKK 


* Am9568 Certification Program 


2/22/84 z 


KHKKKKKEKEKKEKKKEKRKEKERERRKERERERKER KERR EEK ERE RRR KERR ERK REE KREKREKRKEKKEKKEKE / 


#include <bdscio.h> 
char buffer [BUFSIZ]; 
char file[{12]; 


mode (value) 
int value; 


{ 

outp (0x80 ,9xG6) ; 
outp(@x81,value) ; 
j 


command (value) 
int value; 


{ 
outp(9x88,0xG2); 
outp(¢@x81,value); 
j 


write block(text) 
int text[]; 


int i; 

outp (0@x80,0x@Q); 

for (i=@;i<=7; i++) 
outp(@x81,text[i]); 


read block(text) 

int text[]; 

{ 

int i; 

outp(0x80,8x00); 

for (i=O;i<=7;i++) 
text{iJ=inp(@x81) ; 

} 


encrypt (clear ,cipher) 
int clear[],cipher[]; 


command (0x41); 
write block(clear) ; 
read _block(cipher) ; 
command (@xe@) ; 


decrypt (cipher ,clear) 
int clear[],cipher[]; 
{ 
command (@x4@); 

write block(cipher); 
read block(clear) ; 


/* 


/* 


/* 


/* 
/* 
/* 


/*® 


/* 


/* 


/* 


[*® 


/*® 


initialize mode register of DCP */ 


address mode register */ 
ECB, master port only */ 


issue command "value" to the DCP */ 


address command register */ 
load command */ 


write one block */ 


address data register */ 


load 8 bytes */ 


read a block */ 


address data register */ 


read 8 bytes */ 


encrypt one block */ 
start encryption */ 

stop */ 

/* decrypt one block */ 


/* start decryption */ 
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command (@xe@) ; /* stop */ 

key load (value,key) /* load 56-bit key into DCP */ 
int value,key[]; 

{ 


command (value) ; 
write block (key) ; 
} 


show(n,textl,text2) /* write one line to the file */ 
int n,textl[],text2[]; 

{ 

printf("This is pass %d\n",n); 

fprintf (buffer," KEY(%4d) = $O02x%O@2xtO2xZO2xZO2xFO2xBG2xSG2x WOT 


textl[@],textl[1],textl1[2],textl1[3],textl[4],text1[5],textl[6], 
text1[7]); 

fprintf (buffer,"DATA(%4d) = 202x3O2xSO2xFG2xFG2xFG2xFG2xFG2x\n",n, 
text2([@],text2[1],text2[2],text2[3],text2[4],text2[5], 

text2[6] ,text2[7]); 


error (keys, rounds) /* print error message */ 
int keys,rounds; 


fprintf(buffer,"Comparison error for keys = %d and rounds = %d\n",keys,round 
exit(); 
odd parity (text) /* generate odd parity of array */ 


int text[]; 
{ 


Int 27 3¢n% 

for (1=0;1i<=7;1i++) 
{ 
n=text[{i]&l; 
for (j=1;3<=73 j++) n=n*((text[i]>>j)&1); 
n=n“1; 
text[iJ=text[i]“*n; 


} 
main () 
#define keys 400 


#define rounds 10099 
int i,j,ic,pinl{8],pln2[8],pl1n3[8]; 


strcpy(file,"CERT.DAT") ; /* define filename */ 
if (fcreat (file,buffer) ==ERROR) 
{ 
printf ("File already exists\n"); 
exit(); 
fprintf (buffer,"AMD#2 Am9568 Certification Data: Feb-23-84\n\n" 
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ln1l [@])=@x3f£;pln1[1]=98x98;pln1[2]=9x47;pln1[3]=@x7a; /* init plain text */ 
ln1l [4] =@x85;pln1[5] =@8xb3;plnl1 [6] =8x@8;pln1 [7] =Oxfd; 

ln2 [@]=8x9d;pl1n2 [1]=8xfe;pln2 [2] =@x6d;pln2 [3] =@xd3; /* init key */ 

1n2 [4] =0x45;pln2[5]=@x7a;pln2[6]=8x9d;pln2[7]=9xb9; 


=; 
now(i,pln2,plnl); 
or (i=l;i<=keys;i++) 


key load (@xll,pin2) ; 
key load (@x12,pln2); 
for (j=1; j<=rounds; j++) 


encrypt (plnl,pin2); 
encrypt(pln2,plnl); 
decrypt (plnl,pln3) ; 
for (ic=9;ic<=7;ictt) 


/* 
/* 
/* 


/* 
/* 


load encryption key */ 
load decryption key */ 


encrypt twice */ 


decrypt block to verify */ 
operation of DCP */ 


if(pln2[ic]!=pln3[ic]) error(i,j); 


odd parity(pin2); 
show(i,pln2,plnl); 


} 
utc (CPMEOF ,buffer) ; 
flush(buffer) ; 
close (buffer); 


/*® 
/* 


/*® 
/* 
/* 


modify new key for odd parity */ 
load result into file */ 


put EOF mark into file */ 
flush buffer to disk */ 
close file */ 
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9DFE6DD3457A9DB9 
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BYA2FB298AC18C67 
DA58E@8A3B7CD9D9 
38B310161CBCA2A8 
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BGEG23736B89FD83 
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